Slashdot Mirror

← Back to Stories (view on slashdot.org)

51% of Computer Users Share Passwords

Posted by Unknown on from the rm-rf-/-of-shame dept.

An anonymous reader writes Consumers are inadvertently leaving back doors open to attackers as they share login details and sign up for automatic log on to mobile apps and services, according to new research by Intercede. While 52% of respondents stated that security was a top priority when choosing a mobile device, 51% are putting their personal data at risk by sharing usernames and passwords with friends, family and colleagues. The research revealed that consumers are not only sharing passwords but also potentially putting their personal and sensitive information at risk by leaving themselves logged in to applications on their mobile devices, with over half of those using social media applications and email admitting that they leave themselves logged in on their mobile device.

12 of 117 comments (clear)

  1. Logged in to email? by NoImNotNineVolt · · Score: 4, Informative

    The research revealed that consumers are not only sharing passwords but also potentially putting their personal and sensitive information at risk by leaving themselves logged in to applications on their mobile devices, with over half of those using social media applications and email admitting that they leave themselves logged in on their mobile device.

    Yes, god forbid people "leave themselves logged in" to their email accounts on their mobile device. I guess we're not supposed to use push email but instead enter our email passwords into our phones every few seconds to get timely email alerts?

    It's too bad that the cell network itself lacks any meaningful security mechanisms. I mean, if someone gets a hold of your phone, they can just start texting and calling without having to "log in" on the network at all. It's amazing that the world hasn't collapsed as a result.

    --
    Chuuch. Preach. Tabernacle.
    1. Re:Logged in to email? by jandrese · · Score: 3, Informative

      It is actually required by law to be there. All phones must be capable of making an emergency call without being unlocked.

      --

      I read the internet for the articles.
    2. Re:Logged in to email? by tlhIngan · · Score: 3, Informative

      Ah. I could have sworn that when I set up proper locking mechanisms on the phone that there wasn't any option to call. I just tried it again, though, and there is an "Emergency Call" text. For a test, I tried using my cell phone to call my work number and it said that this number wasn't an emergency number. My next question would be how would I specify certain emergency numbers? (This way, if my child has my phone and needs to call a relative that they know the number of, they can without having to know my unlock code and thus having full access to the phone.)

      You can't.

      The emergency call is for calling emergency numbers. It's a small list - 911, 999, 111, 122, etc. In fact, I think on modern cellphones, you can call ANY emergency number and it'll connect you to emergency services. So in North America, if you dial 999 (Europe emergency) you will connect with 911 automatically - the phone interprets the number as emergency and basically does a emergency dial (it's a special control code so the tower will kick someone off if it needs to in order to connect you).

      It's not a huge list of numbers, and it's coded into the software as it has to recognize if you're calling emergency services and to place it as a high-priority call on the network.

      And no, it doesn't include your relatives number - that's not the intent. The intent is to be able to make a call to emergency services regardless of lock screen status, service status, etc. (It's how those used cellphone charities work - they collect deactivated cellphones for people so they have a way to get to emergency services).

  2. I definitely share password with family by mccalli · · Score: 4, Insightful
    Specifically, with my wife. If I'm ever in the proverbial hit-by-a-bus scenario, there are accounts she will definitely need to know and access.

    Whilst technically correct that this increases risk of the password being revealed, it is an absolute necessary of an overall risk reduction strategy for online accounts (cancelling bills etc.).

    1. Re:I definitely share password with family by makq · · Score: 5, Funny

      I assume your wife is not a bus driver, right? If so, your password repo might give her extra incentive.

  3. Re:I do not by alphatel · · Score: 3, Informative

    49percent

    That's my password...

    --
    When the foot seeks the place of the head, the line is crossed. Know your place. Keep your place. Be a shoe.
  4. passwords on the device/session level, not app by tverbeek · · Score: 5, Insightful

    Of course I leave the apps on my phone "logged in"; that's how they're supposed to work. Obviously this only makes sense if there's a password to access my phone (or on my account if the device supports them), but if not, it's the lack of password on my phone that marks me as a security-oblivious idiot, not the fact that I'm using the apps as they were designed to work.

    --
    http://alternatives.rzero.com/
  5. Not Insecure by pavon · · Score: 4, Insightful

    The purpose of security is to prevent unauthorized people from accessing the account. There are tons of accounts that are legitimately shared, and there is nothing wrong with sharing passwords in those situations, if the account doesn't have any technical mechanism to allow for multiple users/profiles on a single account. For example bank accounts, utilities, Netflix, Hulu, wireless router administration, all have been shared accounts with my wife (some have since added profiles, but not all).

    Furthermore, even with accounts that we keep separate, like email, there are useful reasons to share the password, like when my wife is away from internet at work and wants me to print a boarding pass that was emailed to her. Sure I could snoop through her email, but I don't just like I could snoop through her purse or journal, but I don't.

  6. Encouraged by a lot of places. by timrod · · Score: 3, Interesting

    A lot of the bigger, more frequently-used services actually encourage this. The best example I can think of is Netflix, which allows you to have separate profiles for family members but requires that everyone use the same user/pass to log in. I don't know why they couldn't just have individual passwords for the same account - at least that way I could avoid my mom trying to get everyone in the family to watch Sherlock ("Oh, I didn't see it on your watched list! You should try it!").

    Amazon's Kindle app does pretty much the same thing, though it's not directly encouraged - you can log into your Kindle account from several different devices at once, effectively allowing people to share their books with anyone they trust enough. I think this is actually worse than Netflix, because most of the time you're using the Kindle app on a mobile device that can easily be lost or stolen.

    The only company I've seen do sharing well is Valve, which has Steam Family Sharing that allows you to "lend" people your account without actually needing to tell them your password.

  7. Re:Android makes this worse. by cr_nucleus · · Score: 3, Informative

    Don't know what version you're running but android does support multiple accounts since 4.2.
    I've being enjoying it for a while now.

    AFAIK it's the only mobile OS doing so.

  8. Elderly family members passwords by bigmike_f · · Score: 3, Insightful

    Sometimes sharing the passwords of those less technically savvy with those with better skills is necessary and would skew these numbers. Knowing Grandpa's gmail password has helped a lot.

  9. Re: 90% of people are retarded by bws111 · · Score: 3, Insightful

    What an idoitic statement. First, if something has a 50% chance of happening then it is certainly not 'inevitable'. Second, divorce is not a random event, so comparing it to a coin toss is exceedingly stupid. Passwords aside, we already 'share accounts'. We have joint checking and savings accounts, a joint mortgage, joint ownership of the house, joint ownership of a timeshare, file joint tax returns, etc. What is so different about joint online accounts? Nothing.