With every new large-scale security breach, an onset of articles follows reminding us all again-and-again about the importance of strong online passwords and what we must do to protect ourselves from hackers. Two of the latest website security breaches to make headlines are perfect examples.
Stratfor, a Global Intelligence firm that releases a daily security newsletter, was recently hit by hackers. Those responsible for this attack published around 860,000 usernames, email addresses, and passwords for everyone registered on Stratfor’s site. In addition, the hackers also claim they disclosed credit card information and other sensitive data about every Stratfor customer on file.
The Tech Herald published an analysis of the Password List and it shows that there are lessons to be learned. The lessons are no surprise…
- Weak Passwords
- Recycled Passwords
In addition, online shoe selling giant, Zappos.com was also a victim of a cyber attack recently with over 24 million customers’ personal information stolen just this week. As the news unfolds, we still don’t know all of the details except that Zappos officials are forcing all customers to reset their passwords.
As the “online world” becomes more integrated into our lives, these types of cyber attacks are becoming more and more commonplace. And it’s almost always the same outcome: Security Experts and journalists advise us to change our passwords to make them more secure. But, unfortunately most of us don’t listen.
So why is it that we don’t listen? Like many of the things we do, the reason goes deep into basic human psychology. Bruce Schneier, Security Expert, wrote an in-depth essay on this very topic. He says, “the psychology of security is intimately tied to how we think: both intellectually and emotionally.”
Here are some theories I came up with myself based on my own experiences.
1. We think it will never happen to me.
We often go through life thinking we’re invisible. The same applies to the Internet. You might be saying, “Hacked? I won’t get hacked. That only happens to my Facebook friends who click on links. I don’t engage is risky behavior like that, so it will never happen to me.” WRONG. It likely will happen to you! In fact, considering the scale of attacks on sites like Zappos, chances are pretty good it already has happened to you. And chances are also good that you’re unaware it’s happened — this is exactly what hackers want. Unfortunately, prevention is a difficult pill to swallow.
2. Unless it happens to us, we remain unaffected.
We can all relate to this. Two guests I invited brought along their 18-month old boy, who is a bit of an explorer. As I was taking the steaming hot lasagna out of the oven, I turned away for one second to place the dish on the counter. Before I knew it, I heard him wailing in pain. While I turned away he stuck his hands into the oven and burned himself. While I continued to feel terrible for the little guy and assumed it is all my fault and launched into ideas about how I will be a horrible parent, his parents assured me that this is actually a good thing because he learned his lesson. He will never put his hands in an oven again. So was the lesson learned? Chances are very good.
This might hold true for your own attitude towards your online security and passwords. Unless you have already been affected, you will likely continue to use the same old passwords on every website.
3. We are lazy
Let’s face it. It’s boring to go in and change all your websites one-by-one. We have other things to do — like watch videos, chat with friends, shop, and surf the web. For many of us, the Internet is an escape, an activity for “fun time.” The last thing we want to do is go through 100’s of websites to update our passwords.
4. We are creatures of habit.
We’ve been using the web for years without worry of security measures. We’ve created habits on how we use the Internet. Ian Newby-Clark is a psychologist says we have hundreds of habits. And even if we want to change them and we aim to change them we fail. “These habits are hard to change because they are so ingrained…they are almost automatic.”
5. We want convenience
This is a topic we talk a lot about on the Dashlane blog. Alexis, our Co-Founder and Product Manager wrote a post on this topic explaining why security for its own purpose is not the solution.
One Step Closer to a Secure Online Life
There are a lot of ways to protect yourself online. Using different passwords on each site is a good start. We aren’t going to tell you this is the only way to make yourself safer online, but it definitely lowers your risks. We have created a solution for this with Dashlane. Whether you chose to use it or not is your choice. But hopefully we have made it convenient and simple enough for you to take a step closer to a more secure online life.
Watch here to learn how this feature works.