Americans and passwords still don’t get along

Chances are your users aren’t putting as much attention into security as they should be. And it may lead to real problems for IT. 

A study by Pew Research found that Americans are severely lacking in their cybersecurity habits. Chief among these was passwords, a longtime foe of security pros everywhere.

According to the study:

  • 86% of users choose a password easy enough for them to store in their heads, and
  • 49% write them down.

Both can be equally dangerous, given that a password that’s easy enough to remember is probably one that’s able to be cracked pretty easily. In addition:

  • 41% of users share their passwords with family members or friends
  • 39% use the same or substantially similar passwords for many of their online accounts, and
  • 25% said they use passwords that are probably not as secure as they’d like because they’re easier to remember than the passwords that are complex.

And to make matters even worse, smartphone users, whose devices are particularly prone to falling into the wrong hands, are failing to protect data at an alarming rate. More than a quarter (28%) reported they had no screen lock on their devices, meaning if it gets lost or stolen, all the information stored on it would be unprotected.

Simple passwords still rule the day

These password faux pas are also backed up by another survey of the worst passwords of 2016. There aren’t many surprises on the SplashData list – it’s the usual variations of “1234567,” simple phrases like “login” and the ubiquitous “Password” – but what’s most interesting is that one in ten passwords is believed to be one of the top 25 most common.

In other words, given 25 attempts, hackers could probably compromise the credentials of a tenth of your workforce.

Victims, too

While you can’t draw a direct line between this information and data theft, it’s likely that these password policies have caused users some trouble in the past. Forty-one percent of those surveyed by Pew had noticed fraudulent charges on a credit card, 35% had personal information compromised and 16% had an email account that was taken over.

Of course, not all these attacks are the result of poor security on users’ part. Businesses are more than capable of having security shortcomings affect millions of customers at the same time.

Silver lining

If you’re looking for a bright spot in the Pew survey, there is one. More than half of users are on-board with two-factor authentication (2FA), a critical tool for protecting data.

Fifty-two percent of those surveyed said they use 2FA. This means that even if their password was stolen or compromised, they’d likely be protected from a breach.

Your mission: Make sure the other 48% are getting the message and using this service whenever it’s available.

Make Smarter Tech Decisions

Get the latest IT news, trends, and insights - delivered weekly.

Privacy Policy