As much as 94 per cent of people in Singapore admit to having poor password habits, such as recycling passwords for different sites and using ones that are easily guessed, a Google study revealed last week.
This means they are more vulnerable to fraud, particularly as online shopping is expected to grow by 20 per cent in the upcoming holiday season, according to the Internet giant.
It had commissioned research agency YouGov to conduct the survey of 13,000 respondents across 11 markets in Asia recently.
Among the bad habits are the reuse or recycling of passwords across different websites, which means a hacker can get into these various services at one go with a single stolen password. Forty-five per cent in Singapore did this for up to 10 websites.
At the same time, about a third of users here relied on passwords that were easy to guess, including easily crackable combinations from significant dates and signifcant others, pet names and even postal codes.
Another bad practice is saving passwords on a file on a digital device, which is not encrypted and can be stolen more easily. Seventeen per cent of users here said they saved their passwords on the Notes app on their phones.
Worse, 44 per cent of respondents have no qualms about passing passwords to friends or family, the survey revealed.
The bad habits appear persistent despite the heightened awareness that comes from regular headlines of data breaches, something that a majority or 58 per cent of Singaporeans have experienced or known of something who had, the same study found.
Ironically, Google found that Singapore users do want to guard their data better, for example, with 70 per cent saying they are likely to adopt two-factor authentication (2FA) even if it is not mandatory.
However, their words need to match their deeds. While 33 per cent of respondents say they are likely to use a password manager, only 4 per cent actually use one currently, which is the lowest among the countries surveyed.
“When we compromise security for convenience by sharing, recycling and using guessable passwords, we put our personal information – including payment data – at exponential risk,” said Ben King, country director for Google Singapore.
Internet users here need to get better at building up their online safety, he noted, adding: “The challenge, however, lies in the gap between knowledge and action, and the key to plugging this gap is access to tools that provide security and convenience.”
Google advises users to take three quick steps:
1. Cultivate security consciousness and build better password security, for example, to avoid recycling passwords
2. Turn on 2FA, to significantly reduce the chances of a hacker gaining unauthorised access to your account
3. For Google users, complete the Google security checkup to strengthen their Google account’s security