Shockingly, People Continue to Reuse Online Banking Passwords

How many unique passwords do you have? And how many accounts that require passwords for authentication do you have? Ideally, these numbers would be the same because every account needs a unique password. Unfortunately, more often than not, people have more accounts than passwords, and that is due to password reuse. Without a doubt, it is easier to come up with one combination of letters, numbers, and special characters and use it multiple times. However, that is extremely dangerous behavior, especially if the password is weak to begin with. Unfortunately, the dangers of reusing passwords are basically equal regardless of the strength of the combination. And people know it. Despite that, they continue to reuse passwords, and they do that in incredibly dangerous ways.

Why do people reuse passwords?

The short answer is that it is easy to reuse passwords. You do not need to think about it. You do not need to come up with a system that would help you remember all combinations. You do not need to go through tiresome password reset procedures. You do not need to put in any work when setting up new accounts. Some people think that they can outsmart the system by slapping on additional letters or numbers. For example, if their main password is lifesabeach, they might think that passwords lifesabeach1 and lifesabeach123 are unique. Yes, they are different, but they are not necessarily unique. Let’s say that someone cracks one of these passwords. Someone could guess it, or it could be leaked during a data breach. Once that happens, even if you change the originally breached password, all others similar to it could be guessed, and that is easy to do if, for example, the same email address is used to log into the different accounts. Why would hackers waste their time trying to get into your accounts? They do not need to waste their time. They have machines and software that do it for them, and they love passwords because they can be sold and used in lucrative scams.

Passwords you should NEVER reuse

Of course, our position is that you should not reuse ANY passwords, but there is no denying that some accounts are more sensitive than others. For example, if you use Google or Apple to sign into multiple accounts, you want to make sure that passwords to your Google and Apple accounts are strong and unique. If they are not unique, and if these passwords are breached, all connected accounts might fall like dominoes. It is just as important to think about banking passwords. How many online banking accounts do you own? Perhaps it is just one, and perhaps you have several accounts. Some people recycle banking passwords across different banking platforms. Others include banking passwords into the roster of those that are recycled across different kinds of platforms. Without a doubt, it is painful to have any account hijacked, but if your banking account gets hijacked, you could lose money, and that is not something you want to play around with.

Why banking passwords are sensitive?

The obvious answer is that your banking password unlocks the door to your virtual finances. Perhaps the attackers would not be able to cause great damages due to the implemented 2-factor and multi-factor authentication systems. However, access to your banking accounts, could still help them make small transactions, authorize unwanted changes to your accounts, and also access personal data. If the attackers know your personal email address, they could even send you emails with your banking password included, and that could help them extort money, intimidate you, and make you perform certain risky actions. It’s basic commonsense that your banking password has to be the most unique and strong one out of the bunch. Well, if it’s commonsense, how serious is the issue of password reuse?

Shockingly, people continue to reuse banking passwords at an unbelievable rate. FICO, a California-based credit scoring service, has conducted a research to look into the habits of how people address digital banking in 2020. 5,000 people from 10 different countries (Brazil, Canada, Germany, Malaysia, Mexico, Philippines, Sweden, Turkey, the United Kingdom, and the United States of America) participated in the survey. While data is different between countries, it is obvious that people do not shy away from reusing banking passwords. In the UK, for example, 60% of respondents reuse passwords for their financial accounts. 5% reuse one single password for all accounts.

Banks are rapidly joining the biometric authentication game, and so people now have more options to ensure their accounts’ security. However, that does not mean that they are quick to make changes. If we know one thing about human behavior is that we do not like change, and switching login habits can seem like a nuisance. Perhaps that is why many still use only up to five unique passwords for all accounts. According to the FICO research, Germans were best in regards to password reuse, while Malaysians were the ones that struggled the most.

How to enhance online banking security with the help of passwords

The dangers of reusing passwords are real, and the dangers of reusing passwords that grant access to banking accounts are also scary. At this point, biometric authentication is not yet offered by all banks, and not all clients are excited by the idea of changing their login habits either. That means that strengthening passwords is the best option. We probably do not need to say again that all passwords need to be unique. They also need to be strong. Just because password147, bankingpass8, or dodgersforlife are unique combinations, that does not mean that they are good enough to guard your accounts.

Good passwords are long, random, and contain various characters in both upper and lower cases. An example of a banking password that would be considered strong is g~My}vF2edNxc<UH. Who is the world could remember such a password? Who could remember 50 or 60 passwords like that? A password manager. In 2020, it is hard to find a list of cybersecurity recommendations that does not include implementing a trusted password manager, and that is because we are terrible with passwords. On the other hand, a tool dedicated to creating strong combinations and also locking them against hackers can do a wonderful job. Our recommendation is Cyclonis Password Manager, and if you would like to learn more about how it works, click HERE.

By Foley
October 9, 2020
October 9, 2020

Leave a Reply