Cybersecurity education does not equate better password hygiene and can lead to a false sense of password security, according to a survey released this week.
In its fifth annual Psychology of Passwords survey, LastPass found that although 65% of the 3,750 respondents had some form of cybersecurity education, 62% almost always or mostly use the same or variation of a password.
“The findings highlighted a clear disconnect between high confidence when it comes to their password management and their unsafe actions," the firm said in a news release. "While the majority of professionals surveyed claimed to be confident in their current password management, this doesn’t translate to safer online behavior and can create a detrimental false sense of safety.”
Growing up in the digital age did not improve password mishaps for members of Gen Z or the Millennial generation. In fact, they were the biggest offenders of poor password hygiene, with 69% of Gen Z respondents using a variation of a single password, and Millennials following closely at 66%.
While nearly 9 in 10 respondents (89%) know that using the same password or a variation is a risk, only 12% said they use different passwords for different accounts and 62% said they always or mostly use the same password or some variation.
And despite 65% of respondents having some form of cybersecurity education, fewer than a third (31%) stopped reusing the same passwords and only a quarter started using a password manager.
Different online accounts elicited different responses, however. Most respondents (69%) said they would create a stronger password for their financial accounts, and 52% would use more complex passwords for email. But the percentage of respondents fell below 50% for accounts for:
- Medical and health records (35%)
- Work-related accounts (33%)
- Social media (32%)
- Retail/shopping (18%)
- Entertainment accounts such as Netflix (14%)
- I choose/create a password the same way regardless of the type of account (13%)
- Travel/airline (8%)
“Our latest research showcases that even in the face of a pandemic, where we spent more time online amid rising cyberattacks, there continues to be a disconnect for people when it comes to protecting their digital lives,” said Christofer Hoff, chief secure technology officer for LastPass. “The reality is that even though nearly two-thirds of respondents have some form of cybersecurity education, it is not being put into practice for varying reasons. For both consumers and businesses, a password manager is a simple step to keep your accounts safe and secure.”