According to a nationwide survey conducted by EVRY, 39% of all Norwegians 'always' or 'nearly always' use the same password on the internet. The survey also reveals that a surprising number of people disclose the security code for their mobile or the password to their private PC to other people.
“To remain secure, it is important to have different passwords for different services on the internet. Our recommendation is that people should have good, long passwords that hackers would find it difficult to crack. If you use the same password for all the internet services you use, you risk a great deal of your private information falling into the wrong hands. You can take action to limit the possible damage by having a different password for each user site that requires a username and password”, comments Tore Larsen Orderløkken, VP for Security, Quality and Risk Management at EVRY.
The same password everywhere
The digital nature of day-to-day life means that Norwegians are more active on the internet than ever before, not only for internet shopping, social media and discussion forums, but also to use various services. The result of this is that we are entering usernames and passwords on a large number of websites. 74% of respondents in a survey carried out by Norstat for EVRY said that they use the same username and password on more than five different websites. Nearly one in five (19%) said that they have used the same username and password on 15 or more different websites. One surprising finding from the survey is that Norwegians are not good at password security: 4% of respondents said that they never change their passwords, while 35% said that they 'nearly always' use the same password. Only 11% of respondents were security-minded and so changed their passwords on a regular basis.
“Norwegians are very conscious of physical security, but there is a lack of knowledge about digital security in Norwegian society, particularly among consumers but also among businesses and organisations. The Norwegian Centre for Information Security (NorSIS) therefore launched an initiative to make October the national security month. As Norway’s largest IT company, it is natural for EVRY to work with security organisations and the authorities on security issues, as well as providing advice and guidelines to consumers on what it sensible”, adds Tore Larsen Orderløkken from EVRY.
How to create a password
“We leave an electronic trail behind us in many places on the internet and so it is important for passwords to be different, but you can construct them using a similar approach involving combinations of characters and letters”, explains Tore Larsen Orderløkken.
1. You should use passwords that you find easy to remember, but they should be difficult for others to guess
2. Use different passwords for different services
3. Passwords should be as long as possible
4. Change your passwords at frequent intervals and whenever you think they might have been compromised
When creating a password, think of a poem, song or other phrase you know, and make an association between it and the service in question, as this will ensure your password is long, memorable and different from the passwords you use for other services.
Remembering all your passwords for all the different services you use is challenging, not to say impossible. It is therefore very important for them to be stored safely. Programs are available on the internet that protect and remember your passwords for you, with some storing the passwords in the cloud and some locally on your PC, and you should think carefully about the alternatives before using one of these programs. If you write your passwords down, you must ensure that your record is kept in a safe place.
- Whenever you use a PC that is also used by other people, take care to log out of all services and close the browser window.
- Do not allow the PC to auto-remember any passwords.
- Many services offer two-factor authentication, which involves, for example, a code being sent by text message which you need to use to log in; use this option where possible.
Never disclose your passwords to anyone else
Another surprising finding of the survey carried out by Norstat for EVRY is that many Norwegians disclose their passwords to their spouses, partners or children. Some respondents even said that they disclose their passwords to friends and colleagues. 48% of respondents said they disclose their mobile telephone codes to other people, while 31% disclose the password to their private PC to others.
“We strongly advise against disclosing sensitive personal information to other people. By disclosing the password to your PC and mobile to other people, you enable them to access information that should not be shared, whether this relates to banking, health or email accounts. Letting people you are close to know your passwords can seem harmless and helpful, but from a security perspective this is not a sensible thing to do”, comments Tore Larsen Orderløkken, VP for Security, Quality and Risk Management at EVRY. “We have seen many examples where people in close family relationships have misused the security details of other family members”, he adds.
39% of respondents to the survey that Norstat carried out for EVRY said that they had never changed the password to their PC, while 55% said that they had never changed the code to their mobile.
“It is worrying that so many Norwegians are not aware of the risk this involves”, comments Tore Larsen Orderløkken from EVRY.
About the survey
EVRY commissioned Norstat to carry out the survey, and the 1,012 individuals who were selected to take part were representative of the whole country. The key findings of the survey are as follows:
39% ‘always’ or ‘nearly always’ use the same password on websites, while only 11% were security-minded and changed their passwords on a regular basis
31% allow their partner, children or friends to know the password to their PC
48% allow their partner, children or friends to know the password to their mobile
29% allow their partner, children or friends to access their iTunes / Spotify / Wimp accounts
58% have used the same username and password on ten or more websites
39% have never changed the password to their PC
55% have never changed the code to their mobile.
Tore Larsen Orderløkken, VP Security, Quality and Risk Management EVRY. Tel: +47 90730675.
Geir Remman, VP Corporate Communications EVRY. Tel: +47 97055017.
Contact us to learn more