this post was submitted on 02 May 2025
24 points (100.0% liked)

Pulse of Truth

933 readers
92 users here now

Cyber Security news and links to cyber security stories that could make you go hmmm. The content is exactly as it is consumed through RSS feeds and wont be edited (except for the occasional encoding errors).

This community is automagically fed by an instance of Dittybopper.

founded 2 years ago
MODERATORS
krogoth@infosec.pub
24
People know password reuse is risky but keep doing it anyway (www.helpnetsecurity.com)
submitted 1 day ago by lemmydev2@infosec.pub to c/pulse_of_truth@infosec.pub
9 comments fedilink hide all child comments
 

35% of Gen Z said they never or rarely update passwords after a data breach affecting one of their accounts, according to Bitwarden. Only 10% reported always updating compromised passwords. 38% of Gen Z and 31% of Millennials only change a single character or simply recycle an existing password. 79% of Gen Z admit password reuse is risky, yet 59% recycle an existing password when updating accounts with companies that disclose data breaches. 55% of … More → The post People know password reuse is risky but keep doing it anyway appeared first on Help Net Security.

you are viewing a single comment's thread
view the rest of the comments
[–] AbsolutelyNotAVelociraptor@sh.itjust.works 11 points 1 day ago (2 children)

Sometimes there are policies that made this almost forced. Case in point: the company I work for forces you to change password every 60 days max. They don't allow the use of passwords managers and you can't use the last 5 passwords. So what do people do? Just go with a simple word and change one number each time. Like "velociraptor1" then "velociraptor2" and so on.

I use passphrases which let me remember them easily while offering protection but it's so stupid that they do it this way.

[–] fluckx@lemmy.world 4 points 23 hours ago

Change your password 5 times and you can keep the same password.

  • hackerman
[–] Ok_imagination@lemmy.world 3 points 1 day ago (1 children)

Kinda odd you can't use password managers either. How archaic it sounds

[–] AbsolutelyNotAVelociraptor@sh.itjust.works 6 points 1 day ago

I have continuous fights with my IT dept. I work for OT, so my day is behind a computer doing technical stuff with machines and other computers, so although I'm no expert in cybersecurity, I know the basics about it and about privacy.

It's an everyday war with them for every single thing I try to do. The best one I remember was when I tried to install firefox because I didn't want to use chrome or edge. Tey blocked traffic from firefox through the company's firewall. I called the IT to explain that I wanted to use firefox because I want to use ublock and other privacy related extensions to block tracking, redirect, phishing and other harmful things and I think their response caused me to facepalm in a way I never thought it was possible: they told me that if I wanted privacy, I should use chrome's incognito mode.