Three quarters of people reuse bank password
By Barry Collins
Posted on 2 Feb 2010 at 11:16
Almost three quarters of people reuse their online banking password on other sites, according to new research.
Security services firm, Trusteer, claims that 73% of people use their online banking password on other non-financial websites. Almost half (47%) use both their bank login and password on other websites.
Trusteer collected the data using its Rapport browser-security software, which warns user when they attempt to reuse their online banking credentials on other websites. The study was based on a sample of four million users and conducted over the course of a year.
Hacking a bank's database is impossible, probably. Hacking a grocery store's website is a physical target for fraudsters to go after.
Reusing bank logins and passwords is poor security practice, potentially allowing hackers to break into bank accounts after hacking other websites or services, such as webmail accounts or instant messaging.
"Fraudsters go after the weakest link," Amit Klein, chief technology officer at Trusteer, told PC Pro. "When you share banking credentials with a less secure site, that site becomes the weakest link."
"Banks do have a lot of security measures," he added. "Hacking a bank's database is impossible, probably. Hacking a grocery store's website is a physical target for fraudsters to go after."
Klein said banks are increasingly relying on more than login and passwords to validate visitors to their sites, but claims it would be futile for banks to issue their own logins and passwords to avert the risk of customers reusing existing credentials. "Users would use the bank-issued ID on other sites," he claimed.
What in the hell is Trusteer collecting the data using its Rapport browser-security software for?
By TheGMan on 2 Feb 2010
I am so glad that I use a password manager. I now have more than 120 passwords none of which I can remember, as they are all 20 digit randomly generated, and all different from each other. Before that I had only a few which meant that I was at risk.
By Amnesia10 on 2 Feb 2010
One presumes the company was simply counting the amount of people that were issued a security warning by their software, rather than actually looking at their passwords.
By Mark_Thompson on 2 Feb 2010
If Trusteer are only counting the number of warning msgs issued, then how do they know that users are entering a bank related pswd into a non-financial site?
By emteec on 3 Feb 2010
What happens when your password manager is hacked?
By monged on 4 Feb 2010
Re-use Bank Passwords
All the Banks I use have at least two levels of security and the passwords are entirely numeric, which tend not to be used elsewhere, so I don't quite see the problem!?
By dgkelly1 on 4 Feb 2010
For a secure password manager look at IronKey
By Chrisandrea69 on 4 Feb 2010
- Flickr redesign: is it enough to tempt photographers back?
- Hands on with the new Google Maps
- Nokia Lumia 925 review: first look
- Why I won't subscribe to Creative Cloud
- GoPro camera strapped to a remote-control helicopter: the ultimate boy's toy
- Acer Iconia A1 review: first look
- Acer Aspire P3 review: first look
- Acer Aspire R7 review: first look
- How we produce the PC Pro podcast
- Google Now draining iPhone battery
- Yes, I write down my passwords
- How to deal with a ransomware attack
- How secure is your Wi-Fi network?
- How QR codes caught out the security pros
- Why I do not trust Do Not Track... yet
- The hard disks you can "secure" with a single-digit password
- Why I've started using a password manager
- Time to kill off CAPTCHA
- Are today's young people Generation I (for insecure)?
- Ransomware that's better made than antivirus software