A report into the security of banking internet systems has found that one of the biggest problems faced is the reuse of login passwords by customers.
Online security firm Trusteer monitored over four million computers for a year and found that 73 per cent of internet banking customers used the same password for their online banking services as they did for other, less secure sites.
“Using stolen credentials remains the easiest way for criminals to bypass the security measures implemented by banks to protect their online applications, so we wanted to see how often users repurpose their financial service usernames and passwords,” said Amit Klein, chief technical officer of Trusteer and head of the company’s research organisation.
“Our findings were very surprising, and reveal that consumers are not aware, or are choosing to ignore, the security implications of reusing their banking credentials on multiple websites.”
The report found that with banking websites that allowed users to choose their own User IDs, almost two thirds of users used the same ID for other sites. Where they were allocated an ID by the bank this fell to less than half.
In addition, nearly half of people used both their user ID and password for a non-financial web site.
The use of single passwords for multiple sites raises serious security risks, when a hacker being able to get one password from a less-secure web site meaning there is a good chance it can be used on other sites.