Over a quarter of people have willingly given away their passwords to someone else, according to a survey that Jake Moore, Cybersecurity Specialist at ESET, recently ran on Twitter, receiving over 2,700 responses.
The survey into the ways that people share their media service accounts with friends and family gives some great insight into how people treat their passwords, finding that:
- 60% of people share their accounts with at least one other person, such as family members and friends. One in three account holders shared their services with two or more others.
- More than 1 in 5 people gave their password to the people who share their account by saying it out loud, and 7.5% of respondents texted or emailed the password. That said, 30% of people who shared it typed their password in themselves, presumably hidden from any spectators.
- Therefore, over a quarter of people have willingly given away their passwords to someone else and there is also often some sort of written record of it.
- 14% of people use the same passwords across multiple accounts online, meaning that their accounts can become easy pickings for criminals
If you were to ask somebody if they share their email account password with anyone else, the vast majority would probably say “absolutely no chance!”, but when it comes to media services such as Netflix, Amazon Prime and Spotify, such password sharing is actually quite common. It may sound innocent, but when people are using the same password for their media service that they use for other accounts, it starts to become dangerous and the risk of account compromises increases. With daily data breaches and a lack of public cyber-awareness, we need to start to understand the risks of cybercrime.
A good place to start is with password education. My advice would be to use a passphrase consisting of at least three random words with some punctuation or numbers to separate the words. This will make you remember the passphrase from just looking at it once and easy to enter where you have to. It’s also a good idea to change your media services passwords once a year. This will flush out anyone who has gained access over the last year who maybe shouldn’t.
But where should you store these unique passwords and account details? I have hundreds of accounts and there is no way I could remember every single password I use. The answer lies with the use of a robust password manager. Password managers are a secure way to store passwords so that you don’t have to remember hundreds of credentials whilst keeping them all unique and complex. Once you need to use a particular password, you can open your password vault, possibly even using biometric security, and copy the password into the field required.