Kaspersky finds worrying trends for South Africans’ passwords

When it comes to password security and knowing how to check if your details have been leaked, Kaspersky has found some worrying trends for South Africa.

The latest Kaspersky report, titled Defending digital privacy: taking personal protection to the next level, has found that most South Africans think up their own passwords and don’t know how to check whether these passwords have been leaked.

“87% of South African users are thinking up their own passwords, while 72% say they are unaware about how to check if any of their credentials have already been leaked. This highlights the need for storing passwords more securely,” Kaspersky said in a press release.

Meanwhile, only 63% of South Africans surveyed for the report say that they actually remember all of their passwords.

Ten percent store passwords on a file on their computer, while 18% use their internet browser to store their passwords.

So why are some of these trends worrying?

The best passwords are unique, complex, and include a range of uppercase, lowercase, and special characters. They also shouldn’t spell out specific words or phrases. The best way for users to keep their accounts safe is to never re-use passwords.

Therefore, thinking up your own password and relying on your memory means that you usually don’t achieve the complexity required for a secure password. This also makes you more likely to choose memorable words or reuse passwords across accounts.

Furthermore, not knowing how to check if a password has been leaked means you could end up re-using a compromised password. Recycling these credentials then makes it more likely that a breach of one service will lead to your accounts on other services being accessed.

How to check if your password has been leaked

So how can you check if your password or account credentials have been exposed in a data leak or breach?

The website HaveIBeenPwned.com is one of the most useful tools for checking whether your password or details have been compromised in a breach. The website regularly adds the latest breaches. It also searches websites such as Pastebin to see whether any account details have been shared on a public-facing website.

Google’s Password Checkup can also inform you if you need to change your passwords for your Google account.

How to keep passwords safe

It’s incredibly difficult to both think up and remember sufficiently complex passwords by yourself. As such, Kaspersky and other security firms recommend using security software to generate and store passwords.

Storing your passwords in a document makes them easy to access if your computer login is compromised. However, a password manager can keep these passwords encrypted.

While password managers aren’t fool-proof, they are decidedly safer than re-using passwords or storing them somewhere that can be easily accessed by others.

Feature image: Christin Hume on Unsplash