A survey commissioned by PayPal Australia and the Australian Centre for Internet Safety (ACIS) has revealed that 90 per cent of Australian respondents are confident others wouldn't be able to guess their passwords and a large proportion continue to use one password across multiple sites.
The survey, conducted by Pure Profile earlier this month, examined 1000 Australians and their attitudes and behaviours towards online password security.
PayPal and ACIS discussed the findings in a whitepaper (PDF), stating that the high proportion of Australian users that thought their passwords were not easily guessed indicated that Australians believed they were more disciplined with their online passwords.
The paper also said that many Australian internet users underestimated the threat from cyber criminals that steal passwords from one site and use attempt to use them across other sites. This conclusion was borne from the fact that 63 per cent of all respondents used the same password across more than one site. The figure was also higher when only considering individuals that we in the 18-24 year old category — 77 per cent.
It said that it was critical that users that use the same password for multiple accounts regularly change their passwords. Despite this, a large proportion of respondents, 48 per cent, were only changing their passwords when they were forced to by the system they were trying to log in to. Additionally, 7 per cent of respondents never changed their passwords at all.
Even when it came to having to change their passwords due to forgetting them, 55 per cent of respondents reported that they never forgot their password. However, 41 per cent of respondents were forgetting at least one password a month, requiring some sort of reset, but the paper didn't state whether users simply used a previously known password.
Not all of the news was bad however. Pure Profile found it pleasing that 78 per cent of respondents said their passwords didn't contain any personal information, a common point of attack for cyber criminals and that 96 per cent of respondents reported to take more care to protect their personal information when using public computers.