Darkreading.com reported that “Given the high-tech password retrieval systems in use, it's perhaps no wonder that many users choose passwords that are lack sufficient security heft. Based on current research, there are six ways in which users blow the basic task of creating a secure passwords.” The October 28, 2020 article entitled “6 Ways Passwords Fail Basic Security Tests” include the following comments about #6 Forgettable:
Just because a user chooses a memorable password it doesn't mean that they'll actually remember it.
The fallible human memory is one of the primary reasons security experts recommend password managers for all users. According to the security.org report,
About 12% of users actually do so, with another 10% taking advantage of the password management features of their web browser for the same purpose.
For one-fifth of users, writing their passwords in a physical notebook is the password management system of choice.
Another 12.5% have taken their notebook habit digital, using a note app for password storage.
That puts "writing it down," in one form or another, just behind the 37% who simply try to remember all the passwords they use for business and personal accounts.
Here's the problem with remembering all the passwords: Most human can't.
That means either re-using passwords, with the same password used for multiple accounts, or using some sort of pattern for passwords.
Either one of those choices makes it much easier for attackers to use one stolen password to leverage access into multiple accounts and increase damage exponentially.
The best security for access involves strong, unique passwords combined with two-factor authentication methods.
Until the majority of users adopt those, however, articles like this one will continue to be regular features - along with stories of data breaches based on purloined passwords.
Here are all 6 categories:
#11 Too Short
#2 Too Simple
#3 Too Obvious
#4 Too Topical
#5 Not Private
I don’t see any great solution to these problems!