Las passwords they still are the pending subject of the Spanish despite being one of the main measures to protect digital identity, since only one in three uses different passwords for each online platform.
Using the same password for everything poses a risk to digital identity, since once the cybercriminal obtains said key, he has unlimited access to all our data. Despite this, 33 percent use different passwords for each online platform compared to another 30 percent who use the same password, but with small variations.
This data is extracted from the latest study on the robustness of passwords carried out by Panda Security, which also shows that almost half of Spaniards claim to know all their Internet passwords by hearteven though these are different, compared to 11 percent who prefer to use a password manager and 5 percent who follow the traditional method of writing them down on paper, in a Word document or note on the computer.
A survey carried out by the cybersecurity company S2 Grupo indicates that 42 percent of Internet users use the same password for everything. It is, as they explain in a statement, one of the main mistakes that are made when selecting the first security barrier that we set in the ‘online’ world.
To understand the risks, the managing partner of this firm, José Rosell, points out in a statement that “no one would dream of having the same key for their house, apartment, mailbox, car or gym locker“, a practice that in the ‘offline’ world “we know cannot happen”.
“However, in the ‘online’ world this dangerous practice is common and cybercriminals are also savvy. Therefore, doing so puts all our devices, accounts and personal information at high risk,” said Rosell.
Another frequent error that users make is to use only letters, numbers or only combining words and numbers. In fact, the managing partner of S2 Grupo, Miguel A. Juan, has pointed out that the most used passwords, “and therefore the worst and most insecure”, are still ‘12345’, ‘password’, ‘abc123’ or ‘qwerty’ , for example.
If we look at a recent NordPass study, in Spain the most common credential is ‘12345’ y the time it takes to decipher it is less than a second. The same goes for ‘123456’, ‘123456789’, ‘111111’, ‘000000’, ‘barcelona’ or ‘666666’.
From S2 Grupo they also indicate that another of the most common mistakes we make in relation to passwords is not renewing them periodically, saving passwords for convenience in the browser or writing them down on our own devices.
Despite the erroneous practices, the Spanish are concerned about their security ‘online’. According to the Panda Security report, the biggest concern is the theft of bank credentials (31%), followed by virus intrusion in some electronic equipment (27%), the sequestration of personal information (22%) and the account hijacking overall (20%).
THE FIVE ESSENTIALS TO CREATE A STRONG AND SECURE PASSWORD
Knowing some of the bad practices, from Check Point Software they want to point out all those good practices to apply when creating a secure and robust password, which begins with the combination of characters.
“Using words that are in the dictionary or that are related to the user’s personal life is a very common practice. But this custom seriously endangers the privacy of the different services that are accessed every day because the password in question goes to be very easy for a cybercriminal to find out,” they explain in a statement.
The company’s experts propose to always use passwords that combine different numbers, letters, and symbols for each platform. And the latter, precisely, they describe as “fundamental”, in line with what Rosell explained.
They recognize that remembering all the passwords can be “tedious and complicated”, but remember that you can always resort to a password manager which allows both managing and generating different robust access combinations for each service, so that the user only has to memorize a master password.
Another element to take into account is that the longer a password, the stronger it is. Therefore, they point out that at least eight characters should be used. And even if a strong and secure password has been created, it needs to be changed regularly.
Finally, they point out that it is “essential” iimplement a double authentication factor, since “in this way, every time an attacker or unauthorized person wants to access a foreign account, the user who owns it will receive a message on their mobile to grant access”.