One third of people use the same password for every login, creating a high security risk for businesses, a new survey has found.
According to the findings of the survey, firms are being put at risk because if a hacker finds the password used by those staff — even privately on sites such as Facebook — then he or she may be able to access all of their logins, potentially harming business systems.
Sophos, the IT security supplier that conducted the survey of nearly 700 respondents, said it was important that users were reminded to choose "unique and multiple passwords" for every login they used.
The ease with which cybercriminals were cracking passwords was demonstrated by recent high-profile security breaches, Sophos said, including hackers accessing justice secretary Jack Straw's Hotmail account.
Only one in five users was making the effort to use a different password for each website, the survey found. Forty-eight percent of people had several different passwords, some of which they used on multiple logins.
Graham Cluley, senior technology consultant at Sophos, said: "Once one password has been compromised, it's only a matter of time before the fraudsters will be able to gain access to your other accounts and steal information for financial gain."
Addressing concerns that users log into so many websites and systems that it is impossible to remember all the passwords, Cluley said: "A good trick is to pick a sentence and just use the first letter of every word to make up your password. To make it even stronger, you can replace words like 'for' for the number 4, and this should give you peace of mind that your password won't be guessed."
Password management systems can be used to encrypt all passwords and only allow access to them using a strong master password.