Javelin Examines Consumers’ and Financial Institutions’ Password Practices

San Francisco, CA, December 11, 2014: Despite claims that “passwords are dead,” this method of authentication remains widely used among the financial industry and consumer-oriented websites. Vulnerabilities such as password reuse, targeted malware, data breaches and social engineering continue to contribute to the rising rates of identity fraud. Javelin Strategy & Research’s report, In Search Of a Better Password Policy, examines financial institutions public-facing password policies for maximum security and consumers’ password habits that create opportunities for fraudsters.

Passwords face six major security challenges, half of them are criminal in origin and the other half are due to consumer’s poor password practices. Consumers with more than 20 online accounts experience identity fraud at a 37% higher rate than the average consumer because of password reuse.

Consumers Reuse Passwords with Increasing Online Accounts

Criminals depend on password reuse to render credentials from seemingly non-sensitive accounts into something far more valuable. With breached credentials in hand, cybercriminals leverage software which allows them to test the validity of compromised credentials at hundreds of online sites automatically. Javelin recommends a formula for consumers to develop easy to remember, yet tougher passwords for fraudsters. Checkout this video: Javelin presents Cipher to Create Unique, Strong Passwords

“While many anticipate a future free of passwords, a balanced approach to improving security while preserving the experience of accountholders is critical,” explained Al Pascual, Director of Fraud & Security for Javelin Strategy & Research. “Financial institutions need to strengthen their password policies in order to stymie fraudsters, but that is not enough. Poor user habits are the other half of the password-security problem. Accountholders should be empowered with practical advice to securely create and manage their passwords.”

The Javelin Strategy & Research report In Search Of a Better Password Policy analyzes consumers’ latest password habits and the public-facing password policies of six financial institutions and four consumer-oriented non-banking websites. Those surveyed include, Ally, Amazon, Bank of America, Bank of the West, Capital One, Comerica, eBay, Facebook, Google, and SunTrust.

Related Research

About Javelin Strategy & Research
Javelin Strategy & Research, a Greenwich Associates LLC company, provides strategic insights into customer transactions, increasing sustainable profits for financial institutions, government, payments companies, merchants and other technology providers. Javelin’s independent insights result from a uniquely rigorous three-dimensional research process that assesses customers, providers, and the transactions ecosystem.

Media Contact
Nancy Ozawa
Marketing Communications
(925) 219-0116