One password for multiple accounts: don't do it!

29.08.2011
When you leave your flat, do you leave the door wide open with your jewelry and valuables on the coffee table? When you visit a popular coffee shop, do you leave your iPad and smartphone on the table and go off shopping for an hour or two?

Of course you don't. Yet 70% of Hong Kongers use the same password for an average of seven online accounts. This shocking statistic comes from a recent survey commissioned by PayPal Hong Kong and designed and executed online by CityU during two weeks in August, with over 1,200 responders.

I know: multiple passwords are annoying. What's worse, sites demand different criteria for your password, and some even demand that you change it on a regular basis.

Fortunately, the HKMA mandated two-factor authentication for online banking years ago. That means a Hong Kong bank can send a serially numbered hard token (the thing that displays a temporary code) to each of its customers. Two-factor authentication is what allows the world-class e-channel Immigration entry/exit from Hong Kong and Macau: an ID card with your embedded thumbprint and a biometric thumbprint-reader provide the two essential authentication factors. This is good security practice.