The figures revealed that 75 percent of Britons admit that they do not follow best practice by using complex passwords, with almost half (47 percent) relying on unsafe password habits such as pet names or significant dates.
To add to this insecurity, over a third (35 percent) admitted that they do not create strong passwords because they struggle to remember them and this could increasingly become an issue with 82 percent of people saying that they are managing more online accounts than a year ago.
According to the Cyber Streetwise figures, the average Briton now uses 19 passwords on a regular basis.
The government is subsequently advising users to use three words or more and add a symbol in their password to make it more secure. It also says that Britons should consider using acronyms, ‘narrative methods' (the idea of composing a story-like password) and the Loci method, which uses visualisation to organise and recall information.
In a statement released at the same time as the figures, Karen Bradley, modern slavery and organised crime minister, said that poor passwords can result in financial – and emotional – damage to citizens.
“When passwords are compromised, financial and banking details can be stolen, causing problems for the person affected, for businesses and for the economy. There is an emotional impact caused by the loss of irreplaceable photos, videos and personal emails, but even worse, these can be seized to extort money.
“We can and must play a role in reducing our risk of falling victim to cyber-crime. Most attacks can be prevented by taking some basic security steps, and I encourage everyone to do so.”
Jamie Saunders, director of the National Crime Agency's National Cyber Crime Unit (NCCU) added: “The NCA is working closely with law enforcement colleagues all over the world to target and disrupt cyber criminals, but we should be clear that they will target weakness and therefore having weak passwords will leave you vulnerable.
“Nobody wants their personal financial details, business information or photographs to be stolen or held to ransom, so simple things like using three or more words, a mixture of numbers, letters and symbols, upper and lower case letters will make it much more difficult for hackers to access your details.”
Some industry observers have questioned the reliance on passwords, and putting the security onus onto users. At a conference in London yesterday, one cyber security consultant said:
“IT security is designed around machines not people – passwords are the building block of IT security...and that basic building block fundamentally doesn't work,” he said.
Meanwhile, renowned security professor Angela Sasse - director of the research institute for the science of cyber security at University College London - said earlier this year that '90 percent of authentication is unnecessary', and restrictive to users' productivity.
In related news, the Office of National Statistics released its annual findings in the year to June and while it disclosed an eight percent increase in fraud, it did not detail current cyber-crime levels.
Richard Sanders, solutions consultant at ACI Worldwide, said that this issue cannot be ignored, especially in areas like banking.
“...There has been an eight percent rise in the volume of fraud, yet the survey cannot accurately determine how much fraud is down to cyber-crime. It is little wonder then that our evidence suggests many companies continue to underestimate the impact potential cyber-attacks might have on their business or their customers.
“Banks in particular need to increase their focus on cyber-crime. We know of some banks that even today only employ a handful of people tasked with combating cyber-crime whereas in some fraud departments hundreds are devoted to the job.”