New survey finds three in five Singaporeans experienced a personal data breach or knew someone who has, yet 94% persist with poor password practices

New survey finds three in five Singaporeans experienced a personal data breach or knew someone who has, yet 94% persist with poor password practices

Ahead of the year-end shopping season, Google commissioned a digital responsibility study that uncovered a worrying statistic about Singaporeans’ digital habits. Despite having three in five (58%) internet users in Singapore experiencing a personal data breach or knowing someone who had, 94% of respondents surveyed admit to practising poor password habits. 

Conducted by market research agency, YouGov in September this year through a poll of over 13,000 respondents across 11 markets in Asia, the results drew attention to the need for greater vigilance, especially when online shopping is expected to increase by 20% during the holiday season, making more people vulnerable to fraud.

Risks of Password Reuse and Recycling 

The e-commerce boom heralded by COVID-19 has been significant. Online activity grew so much that the average internet user today has 25% more passwords than they did before the pandemic. This brings the average person to owning a whopping 80 passwords, and that’s a lot to memorise.

Against this backdrop, the Google study found that 82% of respondents in Singapore use the same passwords for multiple sites, with two in five (45%) admitting to recycling passwords for up to 10 unique sites. While recyclers cited their fear of forgetting new passwords, and the convenience to reuse the same ones, this habit opens up greater risks for such users as they are twice as likely to have their financial data stolen online. 

Compounding the problem is another finding that  indicates that one in three (35%) of local respondents confessed to using guessable passwords, spanning the easily crackable combinations from significant dates and significant others to pet names and even postal codes. One in five (17%) also admits to saving their passwords in the ‘Notes’ app of their mobile phones, most of which are not encrypted by default. 

Sharing is Daring

The study found that data is being shared – and it is being shared a lot. Two in five (44%) respondents have no qualms about passing passwords to friends or family. 

Even as online transactions continue to surge, three in five people (64%) admit to making purchases on pages without the secure symbol, which greatly lowers the barriers for fraudsters to steal their personal details.

Ben King, Country Director for Google Singapore said, “We know from past research that people who have had their data exposed by a breach are 10 times more likely to be hijacked. When we compromise security for convenience by sharing, recycling and using guessable passwords, we put our personal information – including payment data – at exponential risk.” 

Hope for Healthier Habits

With concerted public education efforts from the government and industry players, digital responsibility is gaining more prominence among online users in Singapore. Four in five (83%) respondents say that in the face of a potential data breach, they will choose to change their password immediately.

There are also gradual signs of proactive efforts among Singaporeans to guard their data, with 70% of respondents saying that they are likely to adopt two-factor authentication (2FA), even if it is not mandatory. A third (33%) of Singaporeans additionally indicated that they are likely to use a password manager. This signals a marked increase from a mere 4% of Singaporean respondents who currently do so – which stands at the lowest among countries surveyed. 

Ben added, “It is clear from our findings that internet users in Singapore desire to get better at building up their online safety. The challenge, however, lies in the gap between knowledge and action, and the key to plugging this gap is access to tools that provide security and convenience. That’s why we focus on providing easy-to-use tools like the Google Password Manager and Security Checkup to help people take charge of their online safety, and we strongly encourage everyone to take full advantage of them ahead of the year-end shopping season.”

Quick Tips

As the rate of cybercrime is anticipated to climb with soaring year-end shopping, maintaining good password hygiene is crucial. The good news is, there are freely available tools to help internet users do so and Google urges people to take a moment to strengthen their online security with these three simple tips:

  1. Cultivate security consciousness, build better passwords

Recycling digital passwords is like using the same key to lock your home, car and office – if someone gains access to one, all of them could be compromised.  The same holds true for weak passwords. 

A unique and robust password for each account can help to reduce this risk. Make sure that each password is hard to guess and better yet, at least eight characters long. To make this easier, consider using a password manager to help create stronger passwords, safeguard them and keep track of all of them. 

For instance, the Password Checkup, found in Google’s Password Manager, helps check the strength and security of all saved passwords. It tells users if any of it has been compromised (for example, in a third-party breach), and provides an overview on how users are reusing their password across various sites. More importantly, it identifies weaker passwords that  leave accounts vulnerable and offers actionable recommendations. 

  1. Turn on two-factor authentication

Setting up two-factor authentication (2FA) – also known as 2-Step Verification – significantly decreases the chances of someone gaining unauthorised access to an individual’s account. For the majority, Google’s automatic sign-in protections are more than enough, but everyone should know that 2FA is an additional form of verification – an added layer of security.  

2FA requires users to take a second step each time they sign in to their account, on top of their username and password. Examples of second verification steps include: an SMS text message, a six-digit code generated by an app, a prompt that you receive on a trusted device or the use of a physical security key.

  1. Take a step further and complete the Google Security Checkup

Taking the Security Checkup can help everyone stay safer online. Google’s Security Checkup is a step-by step tool that users can use frequently to strengthen the security of their Google Account – takes approximately two minutes to complete. It provides users with personalised and actionable security recommendations, guiding them to review connected devices, risky third-party sites and apps that have access to sensitive information, as well as 2FA options. 

Find more online security tips like these by visiting Google’s Safety Center, or visit your Google Account to find all the settings and tools mentioned in this release.

This site uses Akismet to reduce spam. Learn how your comment data is processed.