Psychology Of Passwords

According to a study by Google, about 65 percent of people reuse the same passwords across multiple accounts.

Account passwords can be compared to  the key to a door lock in your house. Similarly, reusing the same password across multiple accounts is similar to having a single key to unlock all the doors in your house, work, car, etc..

If a thief gets access to one single key, he can access your entire house or at least a few of the important rooms.

So, why would you do that?

To answer this question, we need to understand the psychology of passwords.

What is Password Psychology?

According to Wikipedia, “Password Psychology” refers to the study of what makes passwords. The subject of password psychology usually researches topics such as choosing a password, ways to memorize a password, password security, and password convenience.

What Are the Common Questions about Password Psychology?

In this section, we will be talking about some of the most commonly discussed topics about password psychology.

Question 1: What Constitutes a Strong Password?

Suppose you’ve ever created a user profile on any website/application. In that case, you can notice that most of them ask you to create a password that is a combination of uppercase letters, lowercase letters, numbers, and allowed special characters.

An ideal complex & strong password would be a truly random string that doesn’t make any sense and doesn’t include any information relating to you.

Question 2: Why Do We Reuse the Same Passwords?

It is said that an average internet user has about 100 online accounts, which also means that the user manages at least 100 passwords.

Creating 100 truly random passwords and memorizing them to use across multiple devices frequently is quite a challenging task.

Is there a better way?

To reuse the same passwords across multiple platforms.

Even though some may argue that it is acceptable to create one random, long, and complex password across multiple platforms, it raises the question that we mentioned at the beginning of this article.

Getting access to one single password makes it easier for hackers to gain entry to your other accounts.

Thus, by reusing the same password, a compromised social media account may also mean that your online banking accounts are compromised as well.

Therefore, it is best and always recommended to create unique and separate passwords for all the accounts you use.

Question 3: What are the Best Ways to Store Passwords?

Once you create many unique, strong, and random passwords for all your accounts, you need a place to store them.

You definitely cannot memorize them all.

Well, then you need to look for the most secure ways to store your passwords and ensure that only you have access to them.

The simplest way would be to write down all the passwords on a sheet of paper and carry them around wherever you go. Even though this is not the safest, nor the most convenient way, you get a sense of comfort that your passwords are always with you.

For anyone seeking modern password storage options, then using a password manager is a great choice.

Password managers are software tools that help with managing your passwords.

Password management solutions offer encrypted protection for your passwords, and all your passwords will be stored in a single account protected by a master password.

Modern password managers offer additional security features to protect your master account further.

Apart from standalone password management solutions, even modern web browsers such as Google Chrome, Mozilla Firefox, etc., come with inbuilt and convenient (but less secure) password management features.

Question 4: How Often Should You Change Passwords?

So, once you create and set a password, can you leave it as is forever?

Nope!

It is best that you change your passwords at least once in 6 months.

Why?

Hackers aren’t like normal thieves that utilize one single opportunity to steal whatever they can.

Once a hacker gains access to your account, they may also choose to monitor your activity within the account silently and only take the details they need whenever they need it.

In such cases, you may not exactly be able to identify that your account has been hacked.

In other cases, if a hacker targets your particular account, they might try to perform a brute-force attack on your account by trying all the possible password combinations.

Changing your password frequently helps in resolving both the issues above and even more.

How Password Psychology is Evolving?

Microsoft founder Bill Gates predicted the extinction of traditional passwords back in 2004.

Even though we do still use traditional text passwords, we use other modern techniques for additional security.

Two-Factor Authentication (2FA), captcha-based login, biometric login, etc., are now very common in use.

Modern password psychology researches are more focused on password alternatives, password-related user problems, and cyber security threats revolving around current password trends.