Forty-nine of them fail to secure our passwords, but it's not all their fault

Airbnb is the only travel-related website out of 55 studied that fully protects their users’ passwords from hackers.

Eighty-nine percent of these websites leave their users’ personal information wide open, says a study from cybersecurity app Dashlane. Here’s a look at the best and worst…

Five most secure

  • Airbnb
  • Hawaiian Airlines
  • Hilton
  • Marriott
  • Royal Caribbean

Five most vulnerable

  • Trivago
  • Trip Advisor
  • Student Universe
  • Skiplagged
  • International Hotel Group

“The modern traveler has to reckon with the many digital hazards associated with a journey — from booking flights, to reserving hotel rooms, to renting a car or looking online for recommendations — which creates many chances for personal data to become compromised,”says Dashlane CEO Emmanuel Schalit. “The days of worrying about just pickpockets are over. Digital thieves are the real threat.”

The problem doesn’t solely lie with these companies. We’re reckless with our own passwords.

Password insecurity

Almost half (44 percent) of Americans use one to five passwords for all of their accounts, says a study from inspection and insurance company The Hartford Steam Boiler (HSB).

The study concludes that Americans use one password for multiple online accounts. And we prefer using sticky notes over secured password management applications like Dashlane, or LastPass. Dashlane says both these habits leave your account vulnerable. The cybersecurity company recommends to…

  • Create a new, and unique password for every account
  • Make your passwords more than eight characters
  • Avoid using names, places, slang words or common phrases
  • Use a mix of symbols, numbers, upper-and lowercase letters
  • Use a password manager
  • Avoid unsecured WiFi while traveling

“The survey also shows one out of three consumers was hacked in the past,” says VP for HSB Timothy Zeilman. “That rate should be falling faster and part of the problem is carelessness with passwords and personal security.” has previously reported on the 20 cities in the U.S. that protect their passwords best, according to Dashlane. And that using unsecured WiFi on vacation leaves you open to hacking.

Over half (52 percent) of Americans spend an hour a day checking their email, text and social media while on vacation, says a study from cybersecurity company McAfee. And 58 percent of them know how to check WiFi security on their devices. But a quarter (23 percent) just don’t check it at all.

“Our devices are extensions of ourselves that we rely on for more tasks every day,” says McAfee security executive Gary Davis. “By taking basic security precautions and avoiding unnecessary risks, consumers can better protect personal information, making their vacation more enjoyable knowing they are connecting with confidence.”

But like most problems in America, people only act on them when they’re forced to.

Beware of suspicious emails

Good password practices can only help so much. Hackers can also gain access to your personal information through email phishing scams.

That’s when a hacker sends a suspicious link through your email, often disguised as trustworthy companies. However, it’s a scheme to gain access to you’re name, passwords, credit card and other sensitive information.

Most suspicious emails are sent from the U.S. There are 14 billion fraudulent emails sent everyday, says a study email cybersecurity company Valimail. That’s one out of every 20 emails.

Government agencies are much safer with protecting email communication from fraud than large private sector companies. According to Valimail, in 2017, the Department of Homeland Security made it policy for governmental organizations to adopt an email spoofing detection system.

“Rarely a week goes by when we don’t read about a successful phishing campaign costing businesses and even governments untold sums of money and breaches of trust with customers,” says Valimail CEO Alexander García-Tobar. “The results of our study are clear: without real policies in place to ensure that email senders are who they claim to be, businesses and consumers remain wide-open to impersonation and fraud.”

free debt analysis call 855-654-9191

Meet the Author

Joe Pye

Joe Pye

Associate editor

Pye is the associate editor of


identity theft

Related Posts

Article last modified on September 20, 2018 Published by, LLC . Mobile users may also access the AMP Version: Popular Travel Websites Aren't Protecting Our Data - AMP.