Do you have only one password for all accounts? Do you use only lower-case letters in your passwords? Do you enter your password when the URL begins with http (rather than https)? If you answered yes to one or more of these questions, you are leaving yourself wide open to identity theft and the hacking of your personal information.

For years, we’ve been writing about password safety–including providing many tips. [See, for example: 1, 2, 3, 4.] Today, let us consider WHY you might still exhibiting risky password behavior.

Recently, Help Net Security described “The Psychological Reasons Behind Risky Password Practices.” Here are a few of the conclusions:



“When it comes to online security, personality type does not inform behavior, but it does reveal how consumers rationalize poor password habits. Among key findings around personality types and online behavior, nearly half of respondents who identify as a Type A personality did not believe that they are at an increased risk by reusing passwords because of their own proactive efforts, which implies their behavior stems from their need to be in control.”

“In contrast, more than half of respondents who identify as a Type B personality believe they need to limit their online accounts and activities due to fear of a password breach. By convincing themselves that their accounts are of little value to hackers, they are able to maintain their casual, laid-back attitude towards password security. This suggests that while personality types didn’t factor into the end result of poor password habits, it does provide insight around why people behave this way.”



“’Developing poor password habits is a universal problem affecting users of any age, gender, or personality type,’ says Joe Siegrist, VP and GM of LastPass. ‘Most users admit to understanding the risks but continue to repeat the behavior despite knowing they’re leaving sensitive information vulnerable to potential hackers. In order to establish more effective defenses, we need to better understand why individuals act a certain way online and a system that makes it easier for the average user to better manage their password behavior.”


14 Replies to “Avoid Risky Password Behavior”

  1. This is a really good article to read especially with what has been happening in the news recently. With computers getting easier to use, and people getting smarter with computer it is making hacking very easy. Most people think that this type of act could never happen to the bigger companies because they have huge firewalls, but now we are seeing that hundreds of thousands of accounts get hacked once somebody does break into a larger corporation. Some websites now put a day timer on your password so every ninety days or so you must change it and it cannot be a previous password. They also say that by even capitalizing one letter or adding a number, or symbol you can increase your protection substantially.

  2. This article was very eyeopening. I would have assumed that Type A personalities would have been more worried about their password protection than Type B personalities. Also, the topic of password is an up and coming hot topic, therefore making this article very relatable and interesting. I for one am very secure with all of my passwords and am very self aware of the hacking abilities on line in this day and age, yet am still scared of hackers in general and dubious that this phenomenon will disappear due to the rising age of technology.

  3. This post directly related to what recently happened with the Yahoo hacking issue. I think most people reuse passwords for more than one account or make somewhat simple passwords out of pure laziness and convenience. If you think about how many accounts each person has, having different passwords containing random letters, capitals, numbers and symbols would be really confusing and tough to remember. I do however believe that it’s crucial to do so because hacking is an issue that will never go away.

  4. As someone who hasn’t historically been as careful with passwords as he should’ve been, I can say why I didn’t take action despite knowing better. I’ve never been hacked. It’s really that simple. Relating to the article more specifically, I find it very depressing that people find themselves rationalizing their usage of passwords. Don’t people have more important and interesting things to think about? Hackers must up their game!

  5. This is quite the read due to the fact that more and more of our lives are being put online. A simple social media account may not perceive value to hackers but I would like to think more than not that the owner of that account would not like his/her self-image over the internet being compromised. Social media is now using credit cards to add more features, this is something I believe is worth protecting. Personally I am quite good with having different passwords for different accounts and I understand it is a lot to keep track of. But ultimately I would not want my self image over the internet to be compromised (Facebook, LinkedIn, Instagram…)

  6. When finished this reading, I feel ashamed not only because I am that kind of people who will reuse the password over and over again, but also I will continue to do that. The mainly reason is simply because I just cannot memorize so many passwords as well as which account they belong to. However, I admit that this is risky for my personal safety not only on financial but also informational. Also, I think that minimizing my accounts is a brilliant way. It is annoying that some websites require me to sign up go on browsing.

  7. This article made me realize how careful we should be with passwords. We do online banking, shopping that has our credit cards saved, and emails that contain private or important information. With all the hacking that’s been going on, we have to be more careful information. Many websites have a scale as to whether your password is too weak or strong, which helps indicate how easy it is for someone to detect your password. We can’t make our passwords our birthday anymore or our dogs name if we want to keep our information safe.

  8. I do recognize that people need to be very careful with their passwords. I am a person that has a difficult password, but I mainly keep it the same for everything but with small variations. I agree that it it important to be careful but sometimes you have to make things easier for yourself. In the past, when I have had a different password, I have not remembered it and had to go through the whole process of “forget my password”. Changing passwords has become a long and tedious process in present times because of the hacking that is going on. Security questions are asked, along with all sorts of other information just to change your forgotten password. I think people need to definitely have difficult passwords but sometimes having around the password can make life a little less difficult.

  9. This article gave me awareness to different password practices. I personally use the same password for everything. To me, the same password is just easier. However, I have learned that this gives hackers an easy opportunity to obtain information from you, or even create a chance for identity theft. Of course, some of my password have variations, but they are all basically the same thing, just a few different characters. I’ve already had some email accounts hacked, and now I see that hackers can perform even worse transactions. Password security is essential because it is also easy for people with limited technological experience to hack different computers. Not only will I make my financial account passwords safer, but my social media accounts as well.

  10. This article was something that I found very interesting since I often think of my password. As something that I use everyday to log into various accounts, I always say that I should create a stronger password overtime. I never do though because it just seems easier to have the same password. I do notice though that I agree with the statistics that were given about what accounts people take passwords more seriously for. My financial and school accounts, I try to use passwords that follow all the rules for secure passwords and I never use that one again. When it comes to social media accounts though, I find that i reuse the same one over and over. I need to be more careful but when the information on the website doesn’t contain anything that could harm me I do not find the need to be super protective about the password. Its a bad attitude to have but a tough one to break.

  11. One of the most interesting points I found from this article was the fact that even though people know and understand the risks with poor password habits, few actually take action to better their attitude and behavior towards their password habits. Although the article lacked a concrete answer, it seemed to suggest that the reason for poor password behavior might simply be based on personality type, which I would love to see more research on. Overall the article was informative and the topic itself was interesting to learn more about.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.