One in five users think their passwords are of no value to criminals
One in five Internet users assume their passwords are of no value to cyber criminals, according to a survey conducted by Kaspersky Lab and B2B International.
One in five Internet users assume their passwords are of no value to cyber criminals, according to asurveyconducted by Kaspersky Lab and B2B International. However, passwords are the keys to the account holders' personal data, private lives, and even their money – and if they are stolen the consequences can affect not only individual users, but also their contacts, warns Kaspersky Lab.
According to the research results, only half (52 per cent) of respondents named passwords among the valuable information that they would not want to see in the hands of cybercriminals, while 21 per cent of those surveyed saw no inherent value in their passwords for criminals. Yet, passwords are often the first line of defence when it comes to protecting online accounts and can be extremely lucrative for cybercriminals.
For example, a compromised password to an e-mail account can provide scammers with access to all accounts connected to that address, particularly if the same password is used across multiple accounts. Similarly, a compromised social networking account can enable cybercriminals to spread spam advertising and malicious links, while a password to an online shopping account provides cybercriminals with an opportunity to harvest financial data and spend other people's money.
With many users not worried about their passwords being compromised, many often take the easy way out when creating and storing their passwords. Only 26 per cent of users create a separate password for each account while even less (six per cent) use special password storage software. Instead many rely on insecure storage methods such as recording passwords in a notebook (18 per cent of those surveyed), while eleven per cent store them in a file on the device, and ten per cent leave them on a sticker near the computer. Even more worryingly, 17 per cent of users freely share their personal account passwords with family members and friends.
Despite this lack of concern for password security, statistics show that password theft is a common occurrence. In 2014, Kaspersky Security Network figures indicate that Kaspersky Lab protected 3.5 million people from malicious attacks which were capable of stealing usernames and passwords to accounts of various types. Furthermore, 14 per cent of respondents from 23 countries also reported that their accounts had been hacked during the year.
"Even if you are not a celebrity or a billionaire, cybercriminals can profit from your credentials",says Kirill Slavin, General Manager, Kaspersky Lab UK and Ireland. "A password is like a key to your home; you wouldn't leave your door on the latch, or put your keys where anyone could find them, just because you don't think you have anything of great value. Complex passwords unique to each account, carefully stored in a safe place, will save you a lot of trouble."
To protect your account against unauthorised entry, you should follow a few simple rules:
- Create a unique password for each account: if one of them is stolen, the rest will remain safe.
- Create a complex password that won't be easy to crack even using special programs. That means at least eight symbols including upper and lower-case letters, numbers, punctuation marks, and no pet names or dates of birth!
- Do not give your password to anyone, not even your friends. If cybercriminals can't steal it from your device, they might be able do it from someone else's.
- Store your password in a safe place. Don't write it down on paper; either remember it or use a special program for storing passwords from a reliable vendor such as Kaspersky Password Manager, which is also integrated in Kaspersky Total Security – Multi-Device.
To help consumers remove the complexity from password management, Kaspersky Password Manager does more than securely storing strong passwords away from curious eyes or prying malware; it automatically enters the user's credentials on pages without the need to remember several complex passwords. A strong password generator is another feature of Kaspersky Password Manager for Windows.