Technology Featured Southeast Asia

Poor password practices persist among 93% of Malaysians

Singapore – Despite 57% of internet users in Malaysia experiencing a personal data breach or knowing someone who had, 93% of the respondents admit to practicing poor online habits, including sharing, recycling and using guessable passwords. The findings are part of Google’s latest digital responsibility study conducted across APAC.

The study found that 80% of respondents in Malaysia use the same passwords for multiple sites, with 45% of the respondents admitting to recycling passwords for up to 10 unique sites. Among these password recyclers, 40% say they do so in fear of forgetting new passwords, while 41% say it is simply convenient to use the same ones.

“We know from past research that people who have had their data exposed by a breach are 10 times more likely to be hijacked. When we share, recycle and use guessable passwords we put our personal information, including payment data, at exponential risk,” said Chuah Jia Wen, industry head of CPG and retail at Google Malaysia.

Furthermore, 51% of local respondents confessed to using guessable passwords, spanning the most easily crackable combinations from significant dates and significant others to pet names and even postal codes. Worse still, 25% of the respondents admit to saving their passwords in the ‘Notes’ app of their mobile phones, most of which are not encrypted by default.

In regards to security in online transactions, 60% of the respondents admit to making purchases on pages without the secure symbol on the page’s hyperlink. Notable too is that 70% of respondents who save financial information online also share passwords with friends and family, putting themselves at greater risk of a personal data breach with passwords used across multiple devices.

Despite these online security lapses, 64% of respondents say that they are likely to adopt two-factor authentication (2FA), even if it is not mandatory. Meanwhile, 80% of respondents also say that in the face of a potential data breach, they will choose to change their password immediately. Interestingly, 33% of those who would not change their passwords immediately are believed to be acting out of caution, citing that the breach notification could well be a scam on its own.

“It is clear from our findings that internet users in Malaysia desire to get better at managing their digital health. The challenge, however, lies in the gap between knowledge and action, and key to plugging this gap is access to tools that can adequately equip people with both security and convenience,” Chuah stated.

She added, “That’s why we focus on providing easy to use tools to help people take charge of their online safety, and we strongly encourage everyone to take full advantage of them especially in this year-end season, where the need to safeguard against holiday hacking is more crucial than ever before.”