Good summary in Network World of a consumer password survey by mobile security company Telesign.
Some key findings:
- About half of those responding to the 2,000-person online survey say their passwords are over five years old
- The study found that consumers rarely changed their passwords. Seventy-seven percent hadn’t changed their passwords in a year or more, and 21% of respondents use passwords that are over 10 years old.
- 73% of respondents use duplicate passwords.
- Of the consumers’ average of 24 online accounts, each consumer uses just six unique passwords to protect them, leaving accounts vulnerable.
- Most consumers worry about online security, and 40% have been hacked, but only 70% have changed their passwords in response.
- Even fewer users have re-vamped their security by adopting more secure protection methods, like two-factor authentication (2FA).
- 72% of the consumers surveyed want more help securing accounts, and although some of them have heard of two-factor authentication, they don’t know how to implement it.
- Among the consumers who don’t use 2FA, the study says 56% don’t know what it is, 29% don’t know how to turn it on, and another 29% say they don’t think their online accounts offer it.
Using a password manager such as SplashID enables easier use of stronger passwords, different passwords for different sites and services, and more frequent password changes.
In response to its findings, TeleSign has launched a guide to 2FA, tag-lined “Turn it On,” where it provides instructions on how to activate 2FA on numerous major websites, such as Facebook, Apple, Bank of America, and so on. For example, it explains how to receive a verification code to a mobile device from some of the sites.
The website lists instructions for more than 100 websites, including those for social networks, backup and sync, email, and payments.
“The number one tip most experts give for increasing account security and stopping the fallout from data breaches is to turn on two-factor authentication,” says Steve Jillings, CEO of TeleSign, in his company’s press release.
“Yet our research shows that the majority of consumers don’t know what two-factor authentication is,” he says.