What is password reuse, and why is it a security problem?
One of the most common threats – and serious vulnerabilities – is not related at all to software or applications, but rather human beings and our habits: password reuse. Password reuse is a problem where people try to remember multiple passwords for everything they interact with on a regular basis, but instead use the same password on multiple systems.
Once one account is compromised, all of the accounts that share that password become compromised. The more a password is reused, the more opportunities there are for that password to be compromised or stolen. If a website is compromised, hackers will use the passwords and login information on other websites in an attempt to gain access to other accounts such as financial websites or email accounts. According to industry experts 99% of compromised user accounts come from password reuse.
The best way to keep yourself protected online is to use strong, unique passwords for every account. That way, even if your password for one website is compromised, the others stay secure. This is especially crucial when you create accounts for websites that store sensitive or financial data.
Here are some staggering statistics that show the magnitude of the password reuse problem.
- A Google survey found that at least 65% of people reuse passwords across multiple, if not all, sites.
- Another recent survey found that 91% of respondents claim to understand the risks of reusing passwords across multiple accounts, but 59% admitted to doing it anyway.
- Microsoft recently announced that a staggering 44 million accounts were vulnerable to account takeover due to compromised or stolen passwords.
- The average person reuses each password as many as 14 times.
- Security.org found that 76% of millennials recycle their passwords.
- Compromised passwords are responsible for 81% of hacking-related breaches, according to the Verizon Data Breach Investigations Report.