The Persistence of Paradoxical Password Problems

Morgan O'Rourke


November 1, 2016

password security

With the recent news that more than 500 million Yahoo accounts were hacked in the largest known data breach to date, password security has never been more important. Unfortunately, many people have still not adjusted their behavior accordingly.

A survey by password management software provider LastPass revealed that, while 91% understand that there is a risk to reusing passwords on multiple sites, 61% still do so anyway. Additionally, even though 82% know that the strongest passwords are made up of a complex combination of letters, numbers and symbols, 47% use their initials or the names of friends and family to create passwords, while 42% choose significant dates and numbers, and 26% use the names of their pets.

LastPass also found that users are more likely to create stronger passwords for their financial accounts than for retail, social media or entertainment sites. According to the Identity Theft Resource Center, however, as of the end of September, only about 4% of the more than 700 data breaches reported this year involved financial institutions.

More troubling for business security efforts, 39% said they create stronger passwords for personal accounts than they do for work accounts.

Morgan O’Rourke is editor in chief of Risk Management and director of publications for the Risk & Insurance Management Society, Inc. (RIMS)