
Secrets to a better password and fewer hacks: Go long, use variety, and sometimes lie

Cybersecurity experts say that, on average, people maintain passwords with 100 online accounts, and it's something we should be moving away from

Photo: REUTERS/Pawel Kopczynski

By Jennifer Schlesinger and Andrea Day


Last week, Twitter asked users to reset their passwords as a precaution, after it found a bug in how it stored passwords.

The social platform is far from alone. In March, MyFitnessPal, a diet and fitness app owned by Under Armour, revealed that data from 150 million user accounts, which may include scrambled passwords, had been compromised.

For years, cybersecurity experts have warned of the need to move away from passwords, which many people reuse across accounts, leaving them vulnerable to hackers.

“The average person has probably more than 100 accounts online that they’ve got to maintain a password with,” said Caleb Barlow, an IBM Security vice president.


“What ultimately happens is everybody comes up with some sort of schema and they end up reusing these passwords site after site after site,” he said. “The challenge with that is once one site is breached and that password becomes available, it doesn’t take much for the bad guys to pivot to the next site, and try the same user ID and password.”
