Strong passwords should contain at least eight characters and have a combination of upper and lowercase letters, a numeral and a special character, but according to Consumer Reports’ new survey, three-quarters of Americans don’t protect their most sensitive accounts with a strong enough password.
This leaves them vulnerable to attacks by hackers. The full findings can be found in the January 2012 issue of Consumer Reports and online at http://www.consumerreports.org/.
Consumer Reports national survey of 1,000 adults also uncovered other ways consumers are putting their personal information at risk:
- Thirty-two percent of respondents used a personal reference in their passwords.
- Twenty-nine percent store passwords on a list they carry with them, near their computer, or in an insecure file on their tablet or mobile device; the same percentage also use passwords on their most sensitive accounts that are too short – with seven or fewer characters.
- Almost 20 percent used the same password for more than five accounts.
Five Ways to Protect Passwords
To protect online accounts, Consumer Reports advises consumers to follow the password-protection measures below:
- Don’t use the same one twice. Use a different password for each sensitive website like banking, online shopping, and social networks. If a hacker obtains a password you use from one site, he’ll have access to your other accounts. To make passwords easier to remember, it’s fine to use a similar character pattern from site to site, varying part of it in a way that’s intuitive to you but not obvious to anyone else.
- Make passwords strong. Create a password that contains a minimum of eight characters. Include an uppercase and a lower case letter, plus a digit and a special character.
- Avoid the obvious. Hackers have extensive dictionaries of widely used passwords. When composing a password, don’t use common words, names or facts that someone can easily guess or find out. Avoid predictable patterns, such as starting with an uppercase letter.
- Keep passwords safe and up-to-date. Don’t write down full passwords, but, if you must, keep them under lock and key. Don’t give passwords to anyone over the phone, via e-mail, or through a social network. Consider replacing old passwords with stronger ones; they may once have been strong enough but may now be too weak for today’s hackers.
- Secure computers and browsers. Keyloggers and other malware are a real risk, especially on publicly accessible computers. Keep operating systems and major applications up-to-date. Run an effective security software suite that automatically updates itself. When browsing a password-protected website, look for “https” in the site’s address. Sign into accounts by typing the URL into the browser, not by clicking on a link in an email; it could take you to a fake site.
The full report, “Hack-proof your passwords,” also features insight and advice from computer security experts and gives tips on creating a strong password that’s easy to remember. The article can be found in the January 2012 issue of Consumer Reportsand online.