It looks like the message is still not getting through to many people that bad passwords are a serious security risk, with a new report shedding light on some particularly poor practices.
Keeper Security – in our view the best password manager for mid-sized businesses – assessed over 8,000 users across the UK, France and Germany, finding three-quarters (75%) failed to make use of recommended guidelines when creating and using passwords, with two-thirds (64%) either using weak or repeating passwords across their accounts.
Over a third of respondents also commented that they felt overwhelmed by the prospect of improving their online security, with 41% saying cybersecurity is too difficult to understand, which may go a long way towards explaining why they are more susceptible to being hacked.
When Keeper Security asked the individuals which animal they most identified with when it came to their cybersecurity posture, over one in four people [described] themselves either as an ostrich burying their head in the sand, careless as a bull in a china shop or a possum paralysed with fear, noted Darren Guccione, CEO and Co-founder of Keeper Security.
“The industry clearly still has much work to do to get more people comfortable with cybersecurity and better protected as a result,” he added.
A potentially worrying side-note is that many users are even overestimating their confidence when it comes to online security, with some comparing themselves to lions and hawks in their protective and attentive instincts over their passwords.
However, 40% of the ‘hawks’ had no idea whether their passwords had been breached, which is especially concerning considering that Keeper also references Verizon’s annual Data Breach Index Report, which found that 80% of breaches are the result of compromised credentials.
When it came to password managers, only 7% of respondents to the Keeper Security study thought such tools were the best way to “achieve personal cybersecurity.”
“Password management does not need to be complex, overwhelming or difficult to understand even with a large number of digital accounts to secure,” said Craig Lurey, CTO and Co-founder of Keeper Security.
“Along with creating and storing strong and unique passwords for all digital accounts, a password manager can offer protection against phishing attacks and malicious links, because it will not fill credentials if the URL doesn’t match what’s in the user’s vault,” he added.
“A password manager can also be paired with dark web monitoring so users can stay abreast of all account information and take action immediately, if credentials are compromised.”
The report also revealed a generational gap in password practices, with 29% of Baby Boomers using strong and unique passwords for every account, and only 20% of Gen Z doing so; this was also the age group that felt most overwhelmed by cybersecurity at 40%.