Careless users leak their own passwords, don’t know how to check security


    Stem the leak: 83% think up their own passwords and half don’t know how to check if they have been compromised

    WHEN talking about online security, the biggest enemy is not cybercriminals. It is human carelessness.

    Kaspersky released its latest report ‘Defending digital privacy: taking personal protection to the next level’, and has revealed that 83 percent of users are thinking up their own passwords, while 54 percent say they are unaware about how to check if any of their credentials have already been leaked.

    Moreover, these users, though aware that password sharing is a security breach, still do it on occasion possibly to “trusted” people. Such instances of password leaks or the lack of awareness that these have been shared (with consent or otherwise) highlights the need for storing passwords more securely.

    Passwords are the most common method of authentication, but they only work if they are hard to crack and confidential. And along with or as a part of multi-factor authentication, an increasing number of applications are requiring them. It can be hard to come up with new ideas for complex passwords and memorize these. The difficulty is compounded when software, phone apps or devices require changing passwords regularly.

    In addition to this challenge of creativity for users, it’s becoming more vital to store passwords securely and look out for possible instances when these credentials could be leaked.

    According to Kaspersky’s report, 55 percent of users claim they remember all of their passwords – which can be difficult if security requirements such as password complexity and uniqueness are to be satisfied.

    And though almost every security expert does not recommend it, one in five (19 percent) keep them written in a file or document stored on their computer, (sometimes even in a side of a notebook but not marked as “password”) while 18 percent use the browsers on their computers, smartphones, or tablets to store their passwords.

    Kaspersky has a service called “Secure Password Check.” It allows users to check how strong a created password is, and how long it will possibly take to crack it. Kaspersky, however, acknowledges that even a well-crafted password can be lost if not store properly so it also has a Password Manager embedded in the Kaspersky Internet Security program.

    But, if in case there is reason to believe that a password has been leaked and credentials re compromised, is there a way to check?

    Services such as “Have I Been Pwned?” maintain a database where users can check if their passwords have been included in public leaks or data breaches without visiting the sketchier parts of the web.

    “Consumers can monitor the spread of personal data, including which passwords might have been leaked. And this is not only for the sake of “just being aware”; it also allows individuals to take the right action to minimize any invasion of privacy – along with any wider consequences. That’s why we at Kaspersky put a big focus on protecting consumer’s privacy,” Marina Titova, Head of Consumer Product Marketing at Kaspersky explained.

    To ensure the safety of personal data, Kaspersky recommends that users follow the simple guidelines.

    1. Minimize the number of people you share account login information with and never leave passwords where others might find them – be it on paper or on a device. Keeping them on sticky notes or a pad might be tempting, but it will also be just as easy for others to access things you don’t want them to.
    2. Use strong and robust passwords generated by a reliable security solution like Kaspersky Password Manager. This will produce secure, unique passwords for each account every time and help you resist the temptation to re-use the same password more than once
    3. Find out if any passwords used to access online accounts have been compromised. For those running Kaspersky security software, the Account Check feature within Kaspersky Security Cloud allows users to check their accounts for potential data leaks. If one is detected, the solution provides information about the categories of data that may be publicly accessible so that the individual affected can take the appropriate action.


    Please enter your comment!
    Please enter your name here