We all should know by now that password reuse is a big problem.
Many computer users make the mistake of trusting the same password to protect their different online accounts, not realising that if one site gets hacked that may provide the key for hackers to break in elsewhere.
Malicious attackers use credential stuffing techniques to automatically throw databases of stolen usernames and passwords at a site to see which combination will grant them access.
So it’s important to ensure that all your passwords are unique, as well as being impossible to guess and hard to crack.
But that doesn’t mean it’s good enough just to make a minor change to your passwords.
A survey of 200 people conducted by security outfit HYPR has some alarming findings.
For instance, not only did 72% of users admit that they reused the same passwords in their personal life, but also 49% admitted that when forced to update their passwords in the workplace they reused the same one with a minor change.
Furthermore, many users were clearly relying upon their puny human memory to remember passwords (42% in the office, 35% in their personal lives) rather than something more reliable. This, no doubt, feeds users’ tendency to choose weak, easy-to-crack passwords, as well as to reuse old passwords or make minor changes to existing ones.
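The habit the survey describes, a forced update answered with the old password plus a minor change, can be rejected at the moment the password is changed. The sketch below is an added example, not code from the original article or from HYPR: it assumes the change form collects the current password alongside the new one, so the two are compared in memory only, and the substitution table, the edit threshold and all function names are assumptions made for illustration.

```python
import re

# Assumed substitution table (constructed for this example): character swaps
# people commonly use to make an old password look "new".
LEET = str.maketrans({"@": "a", "4": "a", "3": "e", "1": "i", "!": "i",
                      "0": "o", "$": "s", "5": "s", "7": "t"})


def base_form(password: str) -> str:
    """Reduce a password to the stem left once cosmetic tweaks are undone."""
    # Drop digits and symbols bolted onto either end ("Summer2023!" -> "Summer").
    stem = re.sub(r"^[\W\d_]+|[\W\d_]+$", "", password)
    # Ignore case and undo look-alike substitutions ("P@ssw0rd" -> "password").
    return stem.lower().translate(LEET)


def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance, computed with two rows of the DP table."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,                # delete from a
                           cur[j - 1] + 1,             # insert into a
                           prev[j - 1] + (ca != cb)))  # substitute
        prev = cur
    return prev[-1]


def is_minor_variation(current: str, proposed: str, max_edits: int = 2) -> bool:
    """True if `proposed` is just `current` with a small tweak applied."""
    old_stem, new_stem = base_form(current), base_form(proposed)
    # Same stem: only the affixed digits/symbols, case or look-alikes changed.
    if old_stem and old_stem == new_stem:
        return True
    # Otherwise flag anything within a couple of single-character edits.
    return edit_distance(current.lower(), proposed.lower()) <= max_edits


if __name__ == "__main__":
    # Constructed sample pairs: (current password, proposed replacement).
    samples = [("Summer2023!", "Summer2024?"), ("P@ssw0rd1", "Password!"),
               ("bluegiraffe", "bluegiraffes"),
               ("Summer2023!", "velvet-orbit-canyon-77")]
    for old, new in samples:
        verdict = "reject" if is_minor_variation(old, new) else "accept"
        print(f"{old!r} -> {new!r}: {verdict}")
```

A check like this only compares against the password being replaced; it does not tell you whether the new password is reused on another site or already present in a breach corpus.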