1. Home
  2. Technology
  3. Internet
  4. Retail
  5. Password promiscuity puts Brits at risk
RSS Feed

Related Articles

Related Categories

Password promiscuity puts Brits at risk

5th September 2009 Print
Over 1.7 million people are in danger of falling victim of internet fraud as they use exactly the same password every time they go online, according to a report issued from life assistance company CPP.

With a big increase in phishing and smishing attacks and malware (malicious software), where fraudsters try to gain access to consumers’ bank account details, passwords and PIN numbers, the use of inappropriate and insecure passwords is putting us at risk from identity fraud and other forms of criminal activity.

The research reveals that nearly half (46 per cent) of Britons use the same password to login to their banking, shopping and social networking sites with a further 54 per cent confessing to using variations of the same password. And with the average person visiting 23 different sites each month that require a login they are an easy target for fraudsters.

Worryingly, nearly 40 per cent of adults admit that at least one other person knows their passwords, ranging from children, colleagues and friends. And it would seem many are in danger of exes coming back to haunt them – over half a million confess their former partner has access to their personal login. And of particular concern, over a third (39 per cent) think these people may have logged in using their details.

The threat of fraud is real – one in ten people have had their web accounts accessed by fraudsters, with the majority of these attacks (57 per cent) happening in the last year. And as a result, one in twenty reported that they’d had their identity stolen.

Out of the victims, nearly one in five (18 per cent) had goods illegally bought in their name, and one in eight had money stolen – the average sum being over £1,000.

Their vulnerability is heightened by the fact that many unimaginative Brits resort to predictable-passwords that aren’t difficult to track. Nearly one in five (18 per cent) use their pets’ names while one in eight use memorable dates like birthdays (12 per cent). Others use their children’s names (10 per cent) or even their mother’s maiden names (nine per cent)!

The majority (68 per cent) excuse themselves by claiming that it’s too difficult to remember numerous logins while one in five (17 per cent) say they are worried about forgetting a password and being logged out.

Sarah Blaney, identity theft expert at CPP, said: “No sensible person would use the same key for their house, car and garage. In the same way, we shouldn’t use the one password for everything. If possible people should use multiple passwords with a combination of letters and numbers, which should be difficult to crack.”

Robert Schifreen, a reformed computer hacker and author of the best-selling book "Defeating The Hacker", was the first person in the world to face a jury trial in connection with unauthorised access to a computer system. His acquittal by the House of Lords led to the introduction of the Computer Misuse Act 1990 in the UK.

Robert advises: “Use a different password for every online system that you sign up to. Otherwise, an online fraudster who manages to find your single password will have the keys to your entire online life. Also, never type your credit card number, or any other confidential information, into a web site that doesn't have the closed padlock symbol to show that what you're typing is being encrypted.

Plus, make sure that your antivirus software subscription is current, and that the program is continuing to update itself at least once a week."

How to create a secure password

Make sure it is at least 8 characters (9 or 10 would be even better)

Ideally your password should consist of a combination of upper and lower case letter, numbers and special characters like £, $, %, and &

Ideally it should not be a guessable or dictionary word and never use obvious words ‘password’ or ‘hello’

The trick for choosing a password is to pick an everyday word or phrase that means something to you and turn it into something secure. That way, providing you remember how you made it secure, you will find it easier to remember your password, for example:

Think of a phrase, song title or another group of words that you might easily remember and remove the vowels. So ‘Secure Password’ becomes ‘scrpsswrd’. For added security add a four digit number to the end. This could be the last four digits of a friend’s phone number, so we then have ‘scrpsswrd2301’. Finally replace some letters with special characters and make others upper case (replace ‘S’ letters with a ‘£’ sign and change all ‘R’s’ to upper case). So your final password is ‘£cRp££wRd2301’.

Do not write your password down

Do not tell your password to anyone else not even family or friends

If possible use different passwords for different websites

Always log off on your computer when finished particularly on shared use or public computers
Copyright © 2025 Easier Inc