Friday, August 07, 2020
63.0°F

Study: Nearly half of Americans password-stressed

| July 16, 2020 1:00 AM

Forty percent of American computer users find coping with passwords as stressful as worrying about retirement. The same percentage forget their email passwords.

New research by password manager NordPass (the cybersecurity team behind NordVPN) indicates nearly half of Americans are extremely frustrated with passwords. Even more — 66 percent — say they have too many to manage.

Especially when sites expect us to change them, who can keep up?

Combining two 2020 studies measuring search habits, the NordPass research explores which passwords Americans forget the most and why. Email passwords are the most forgotten (40 percent), followed by those for operating systems (25 percent), Google accounts (16 percent), and generic searches (8 percent) such as “forgot password” or “change password.” Social media, entertainment, and device password-reset searches occurred less often.

Why do people forget email passwords most often? Probably because we value them most. In one 2020 NordPass survey 73 percent of respondents described a hypothetical email hack as “very” or “extremely” harmful, but only 46 percent said they use a unique password to protect it. Even fewer — 21 percent of respondents — use a unique password for other applications.

“It also appears that most respondents have their password saved on their computer and don’t need to enter it every time they log in. If they actually had to, they would have trouble remembering it,” Chad Hammond, a security expert at NordPass, said in a statement.

A rather obvious study by Rutgers-New Brunswick and Aalto University in Finland found the likelihood of remembering a password has less to do with its complexity than with how often it’s used. Users are far more likely to remember a complicated password when they know it’ll be used often, and less likely to remember even a simple password if it’s used infrequently.

Time and again, cyber security experts advise using password managers, which not only obviate the need to remember all those passwords, but increase security by making it harder for hackers to access them. They’re typically browser extensions or mobile apps which generate and remember complex passwords for you.

Can password manager programs be hacked? Yes — with the downside that all accounts saved would then be exposed at once, but security experts say the odds of fraud are still lower than without them.

At the very least, avoid using the “dumbest passwords of 2019” such as 12345678, iloveyou, asdf or qwerty (glance at your keyboard), and so on. Never use family birthdays, easily discovered names, or anything you wouldn’t want a thief to have. Delete unused accounts and use two-factor authentication (e.g., a texted code to verify identity).

For more information see Nordpass.com and password tips from Consumer Reports at Bit.ly/3iZRChK.

•••

Sholeh Patrick is a columnist for the Hagadone News Network and neo-Luddite who misses typewriters and rotary dial. Contact her at Sholeh@cdapress.com.