Survey finds easy passwords 'common'

2012-10-25 07:30

Cape Town - A global survey has found that more than a third of computer users have weak passwords that may leave them vulnerable to being attacked online.

Research conducted by O+K Research for Kaspersky Lab in 25 countries found that 34% of users made use of passwords that were too easy to guess.

Many used a date of birth (17%) a name (10%), or a pet's name (9%) as their password. In SA, 13% used their pet's name as a password, the survey showed.

Some used simple passwords like "123456" or even the word "password", the survey found.

Fraudsters are actively engaged in trying to steal identities and the online arena has proved to be lucrative for criminals to use stolen identities to commit unlawful acts and leave the victim with the responsibility to prove their innocence.

"A brute-forced or stolen password can give access to a user's every last detail - starting with personal photos and finishing with credit card details. Therefore complex passwords to access online services are critical," Kaspersky said.


All communication technologies that can identify users should be well-protected to prevent thieves from accessing users' details and committing crimes.

"We all have smartphones now and do we use it for work? Of course. All our correspondence - e-mails, passwords are stored on our mobile phones. It can be hacked or stolen - it isn't protected well. It's important to think about security of all these new technologies," Sergey Novikov, head of Kaspersky Lab Global Research and Analysis Team told News24.

Strong passwords include using a combination of letters, numbers and symbols. It is also important to change passwords regularly to exercise better security.

In the US, the FBI disrupted an international cyber fraud operation by seizing the servers that had infected as many as two million computers with malicious software in 2011.

"Some of the most critical threats facing our nation today emanate from the cyber realm. We've got hackers out to take our personal information and money, spies who want to steal our nation's secrets, and terrorists who are looking for novel ways to attack our critical infrastructure," said Shawn Henry, FBI executive assistant director in 2011.

- Follow Duncan on Twitter

  • konfab - 2012-10-25 07:54 This comic explains why

      jason.dutoit - 2012-10-25 08:20

      xkcd ftw!

  • tobydt - 2012-10-25 08:04

    My password is 654321. No wait, thats my bankpin.

      konstabel.koekemoer - 2012-10-26 09:27

      can we please also have your bank account number

  • paul.bester1 - 2012-10-25 08:04

    Yip, and then you get websites like ABSA Internet Banking that doesn't allow the use of special characters in your password, e.g: @, #, etc.

      Dooie - 2012-10-25 12:56

      Strange isn't it? I always wonder how a simple forum can accept special characters but the banks don't. I know Standard and Nedbank do not allow it. They are supposed to be more secure and enforce srong passwords on any internet banker.

  • jason.dutoit - 2012-10-25 08:19

    i use my mother's maiden name. nobody could possibly guess that.

  • M.T.Selepe - 2012-10-25 08:37

    You have been WARNED!!!!

  • ian.flack2 - 2012-10-25 08:43

    A password for this, a password for head is spinning and I can't remember them all, I'm getting older too and a little more forgetful. Get a password manager then ..... oh wait, you need a password there as well....(keep all your passwords in one place ready for the hacker).. there must be an easier way, how about making available a cheap bio-keypad

      roy.wadhams.1 - 2012-10-25 09:59

      If you are using your PC to do anything that requires passwords download a Key Scrambler(Free) or get Zemana Anti Logger(very small fee per year) Have NEVER had a problem doing anything over the Internet that requires my password(s)

  • stephan.coetzee.14 - 2012-10-25 08:59

    Lol ppl actually gave up their passwords in a survey ? that's common

  • Dooie - 2012-10-25 12:54

    My passwords range from 10 characters to 53 characters. Depending on the security I need for that specific application. I also use Afrikaans words and misspell then deliberately in case they try brute force using a dictionary.

  • firstseed.mbeva - 2012-10-25 15:08

    Time is money

  • pages:
  • 1