Data breach victims aren't changing their passwords | New study reveals that only a third of affected users have changed their passwords after a data breach.

Data breach victims aren't changing their passwords

Data breach victims aren't changing their passwords

Data breach victims aren't changing their passwords

Data breach victims aren't changing their passwords

Data breach victims aren't changing their passwords

Data breach victims aren't changing their passwords
Data breach victims aren't changing their passwords
  • By:
  • Views 5

A new study by academics from Carnegie Mellon University's Security and Privacy Institute (CyLab) has revealed that only a third of users actually change their passwords after a data breach announcement.

The study, titled “(How) Do People Change Their Passwords After a Breach?”, is not based on responses from survey participants but on their actual browser traffic. To compile their study, the academics analyzed real-world web traffic collected by the university's opt-in research group Security Behavior Observatory (SBO) which collected the full browser history of those who signed up for the purpose of academic research.

The research team then used information collected from the home computers of 249 participants between January 2017 and December 2018. This dataset not only included web traffic but also the passwords used to log into websites and those stored in participant's browsers.

By analyzing this data, the academics found that only 63 of the 249 users had accounts on breached domains that had publicly announced a data breach during that time. According to CyLab, only 21 (33%) of these 63 users visited the breached sites in order to change their passwords. To make matters worse, of these 21 users, only 15 changed their passwords within three months after the data breach announcement.

Password security

As the SBO also captured the user's password data, the CyLab team was able to analyze the complexity of the users' new passwords.

The research team revealed that of those who changed their passwords, only a third changed them to a stronger password. The rest of the users created passwords of weaker or similar strength and many reused character sequences from their previous password or used passwords that were similar to their other online accounts.

While the study shows that users are still not receiving proper education when it comes to password security, the researchers argue that the hacked services are also to blame as they rarely tell users to reset their similar or identical passwords on their other accounts.

If you're worried about your own password security, you can visit Have I Been Pwned to see if any of your online accounts have been involved in a data breach. If this is the case, you should change all of these passwords immediately and make sure that your new passwords are both strong and complex.

Via ZDNet

Ads Links by Easy Branches

Easy Branches Worldwide Network provide the possibility and allows You to contribute Your Guest Post on different websites and languages, pointed to any City or Country

Place Guest Post
Can you spot the three outboards on this boat? - Yachting
The Pandemic Experts Are Not Okay - Pocket
Asia-Pacific Boating and China Boating magazines
SEA Yachting is one of Southeast Asia’s leading leisure marine publications. SEA Yachting strives to keep people in the leisure marine industry throughout Southeast Asia up-to-date on technology, events, products and processes that have an impact on their
Agency Sign-up Fill in the form and our consultants will contact you as soon as possible in order to give you all the information you need to sale, rent Your real estate, property
immediate for delivery new exclusive hypercars, megacars and super sportcars so as luxury classic sports cars for sale and purchasing
Banner advertising on easybranches network boatshowchina TPE-Bangkok






Invitation to China VMF 2020