Password Day Offers Useful Reminder of How Bad Passwords Are

May 4th isn’t just a special day for Star Wars fans, it’s also World Password Day, and a newly released survey report from TeleSign is helping to draw attention to the consumer experience.

There isn’t a great deal to celebrate. The survey of 1,300 adults found that 46 percent are using a password that is at least five years old, and that 71 percent of accounts are ‘secured’ with duplicate passwords. These are worrying figures: Passwords are at their most effective when they are changed frequently, and the use of the same password for two accounts means both can be compromised if the password is stolen.

Millennials, who log in to a greater number of online accounts and services than any other demographic, seem to be re-using passwords frequently: 35 percent said they use fewer than five passwords across all of these accounts. That could help to explain why 64 percent of millennials had online accounts compromised in the past year, compared to the 51 percent average across all consumers – itself a disturbing statistic.

When you consider how easy it is to guess the most popular passwords – “123456”, “qwerty”, and “password” were all in the top ten in a recent ranking – the situation looks even more dire. Meanwhile, more sensitive information than ever is stored online. Almost a third of TeleSign’s survey respondents said their online lives are worth anywhere from $100,000 to “priceless”, lending a tragicomic aspect to these concerning password trends.

Of course, consumers are also increasingly aware that their password security isn’t good enough, and there’s a growing appetite for alternatives. More than half of respondents (53 percent) said they prefer 2FA security – systems like sending a notification to user’s phone to confirm login – to passwords; and 73 percent said they want companies to provide security beyond password-based systems.

At the same time, new technologies are emerging to offer convenient security solutions, such as biometric authentication – fingerprint and iris scanning, facial recognition, and so on. Some of these technologies are already going mainstream thanks to their appearance in products like the iPhone and Samsung’s new Galaxy S8 smartphones, and users are seeing how easy it is to log in with the tap of a finger, or by looking into a camera. And some companies are starting to experiment with behavioral biometrics, looking at patterns in how individuals use their devices or interact with websites to help figure out if they are who they claim to be – a verification process that doesn’t require any extra work from the user.

With such solutions available, and consumers and businesses alike growing increasingly interested in them, World Password Day will offer an annual reminder of just how much better security is getting than it was when we were all stuck with passwords.

Sources: TeleSign, The Huffington Post

May 4, 2017 – by Alex Perala