Users recycle the same password an average of four times, according to a Security.org report.
Despite the risk and reality of cybersecurity breaches in the enterprise, the majority (72%) of people said they still recycle passwords, according to a Security.org’s Online Password Strategies report.
Password security has been a long-fought battle, with advances in technology also bringing advances in attack strategies on personal information. Keeping password-protected information secure is more important, and more difficult, than before, leaving users responsible for taking appropriate measures.
SEE: Password managers: How and why to use them (free PDF) (TechRepublic)
Major companies have taken steps to help keep their employees’ password hygiene healthy, including implementing password managers, removing password expirations, forcing employees to regularly change passwords, and even considering completely replacing passwords with safer methods.
However, the report, which surveyed more than 1,000 password users, found that respondents are still recycling the same passwords an average of four times. Some 63% of respondents said they use the same passwords for both entertainment and important sites, including business accounts.
Reusing old passwords can easily result in a type of cybersecurity breach called credential stuffing, the report said, which allows hackers to take information from a previous breach to gain access to other accounts.
To try and remember passwords, 68% of users said they usually tweak a password previously used, which still leaves them vulnerable to an attack. Those who try to come up with more complex passwords, however, often just end up forgetting it, the report found.
The majority of respondents who have been hacked already (89%) said they changed their passwords habits upon finding out the attack happened, the report added.
For more, check out 6 ways to strengthen your password on TechRepublic.