We need to get better at password protection

That's a lesson nearly half of American adults learned the hard way in 2014

Cybersecurity
(Image credit: (iStock))

The Sony hack brought on heaping piles of media-on-celebrity gossip, celebrity-on-media backlash, and media-on-media analysis. Then, of course, there was the White House's promised rebuttal, that "wait, did North Korea really hack us?" moment, and then, North Korea's own internet blackout.

Much of this media cycle has focused on the ripe celebrity scoops — Angelina Jolie is a brat! Joel McHale likes discounts on his electronics! — as well as this boiling tension between the United States and North Korea.

Outside of international relations and America's obsession with Hollywood, these hacks have implications for all of us. On a micro level, this Sony ordeal is yet another reminder of how fragile our online presence is. It highlights the need for individuals to protect their online privacy — something that nearly half of American adults learned the hard way in 2014.

Subscribe to The Week

Escape your echo chamber. Get the facts behind the news, plus analysis from multiple perspectives.

SUBSCRIBE & SAVE
https://cdn.mos.cms.futurecdn.net/flexiimages/jacafc5zvs1692883516.jpg

Sign up for The Week's Free Newsletters

From our morning news briefing to a weekly Good News Newsletter, get the best of The Week delivered directly to your inbox.

From our morning news briefing to a weekly Good News Newsletter, get the best of The Week delivered directly to your inbox.

Sign up

New research out of Plymouth University, in England, gives some empirical perspective to this cautionary tale. Professor Steve Furnell, director of Plymouth's Centre for Security, Communications and Network Research, investigated the password security of 10 of the world's biggest websites — companies like Facebook, Google, Twitter, and Amazon. According to Furnell's research, these tech giants all come up short when it comes to password guidance. They fail, that is, to stress to users the importance of setting an effective, unique password.

"Although I don't think the study has a direct relationship to [these] recent attacks," Furnell says, "I would say that cybersecurity in all its guises is going to be demanding more attention, if we are going to achieve effective safeguards in the future."

Furnell's study, which appears in the latest issue of Computer Fraud and Security, used the Alexa rankings to mine through most-visited websites in August. (He excluded partner sites. YouTube, for example, uses a Google login.) Assessing the "guidance" given to password-creating users, Furnell monitored which sites explained the importance of a strong password, and encouraged diversity with online passwords.

Furnell counted 30 opportunities for websites to offer more meaningful password advice; only a third of those were taken. LinkedIn and Twitter are cited for accepting passwords that, by their own algorithms, are "weaker" choices, as is Yahoo!, for not keeping consistent password requirements for those people renewing a password.

"Providing suitably explanatory guidance will give users a fighting chance to understand why passwords are presenting all these hoops for them to jump through," Furnell says. "[Sites] are storing sensitive details about their users, and arguably have a duty to help them to ensure that it is properly safeguarded wherever possible."

This might seem nit-picky, but personal computers — and government desktops — are being hacked on an increasingly frequent basis. Hell, not even the big banks are safe. We need to be smarter with our passwords. It would be helpful to get some encouragement from the companies requiring them in the first place.

Pacific Standard grapples with the nation's biggest issues by illuminating why we do what we do. For more on the science of society, sign up for its weekly email update or subscribe to its bimonthly print magazine.

More from Pacific Standard...

To continue reading this article...
Continue reading this article and get limited website access each month.
Get unlimited website access, exclusive newsletters plus much more.
Cancel or pause at any time.
Already a subscriber to The Week?
Not sure which email you used for your subscription? Contact us