ZoneAlarm Survey Reveals That Passwords Are The Weakest Link In Online Security
December 2010 by Check Point
Check Point announced the findings of a ZoneAlarm survey which showed that 79% of consumers use risky password construction practices, such as including personal information and words. The survey also revealed that 26% of respondents reuse the same password for important accounts such as email, banking or shopping and social networking sites.
In addition, as many as 8% admit to copying an entire password found online in a listing of “good” passwords. 29% of respondents had their own email or social network account hacked, and over half (52%) know someone who has had a similar problem.
The first thing a hacker will do to break into a computer or secure account is try to guess the victim’s password. Automated programs are also available to repeatedly guess passwords from a database of common words or other information. The ZoneAlarm study also revealed that 22% of respondents had experienced email hacking and 46% know of others who experienced similar email problems.
Additionally, about 22% of respondents had experienced social network account hacking and 32% know others who have also had a similar problem. Once a hacker gains access to one account, almost 30% of the time that information can be used to access other sites that contain financial data such as bank account numbers and credit card information.
“Especially now, with online shopping on the rise this holiday season, consumers need to be aware of the importance of passwords and the fact that hackers are getting more and more sophisticated in cracking them,” said Bari Abdul, vice president of consumer sales at Check Point. “By creating a unique password for each important account, consumers create the first line of defense against online thieves who can’t wait to gain access to critical data for financial gain.”
To ensure consumers stay safe online and enjoy this holiday season, here are a few tips for creating a strong password:
Choose a password that is at least 8 to 10 characters long. This should be long enough to prevent brute force attacks, which consist of trying every possible code, combination, or password until the right one is found.
Make sure your password is difficult to guess. Do not use names of any kind, including your login name, family member’s name or a pet’s name. Also avoid using personal information such as a phone number, birthday or place of birth.
Avoid words that can be found in the dictionary. With the availability of online dictionaries it is easy for someone to write a program to test all of the words until they find the right one.
Stay away from repeated characters or easy-to-guess sequences. For example: 77777, 12345, or abcde.
Choose a password that is a mixture of numbers, letters and special characters. The more complex and random it is, the harder it will be for a malicious person to crack.
Use fragments of words that will not be found in a dictionary. Break the word in half and put a special character in the middle.
Choose different and unique passwords for all of the important sites.
Change your passwords often. Even if someone cracks the system password file, the password they obtain is not likely to last long.
Use a reliable password protection solution.
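The construction tips above can be checked mechanically at account sign-up or password change. The following Python sketch is an added example, not part of the original release or any Check Point product; the word list, the 10-character minimum (the upper end of the range in the first tip) and the run length of 4 are assumptions.

```python
import string

# Constructed sample word list (assumption); a real check would load a full
# dictionary plus a list of commonly used passwords.
SAMPLE_WORDS = {"password", "dragon", "monkey", "sunshine", "welcome"}

def has_run(pw, n=4):
    """True if pw has n identical or consecutive characters (7777, 1234, dcba)."""
    s = pw.lower()
    for i in range(len(s) - n + 1):
        steps = {ord(s[j + 1]) - ord(s[j]) for j in range(i, i + n - 1)}
        if steps in ({0}, {1}, {-1}):
            return True
    return False

def check_password(pw, personal=(), others=(), words=SAMPLE_WORDS, min_len=10):
    """Return the list of tips that pw violates; an empty list means it passes."""
    low = pw.lower()
    problems = []
    if len(pw) < min_len:
        problems.append("shorter than %d characters" % min_len)
    if any(p and p.lower() in low for p in personal):
        problems.append("contains personal information")
    if any(w in low for w in words):
        problems.append("contains a dictionary word")
    if has_run(pw):
        problems.append("contains a repeated or sequential run")
    classes = (string.ascii_letters, string.digits, string.punctuation)
    if not all(any(c in cls for c in pw) for cls in classes):
        problems.append("does not mix letters, numbers and special characters")
    if pw in others:
        problems.append("already used for another account")
    return problems

if __name__ == "__main__":
    # Constructed inputs: a login name and birth year as personal information.
    for candidate in ("alice1985", "Sunshine12345!", "tru#mp3t-Gla9cier"):
        print(candidate, "->", check_password(candidate, personal=("alice", "1985")) or "ok")
```
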
The Zoomerang survey, sponsored by Check Point, was conducted in December 2010, surveying over 250 PC users in the United States. The survey sample included randomly chosen adults ages eighteen and over.