Keeper Security has released its latest research, Password Management Report: Unifying Perception with Reality, which assesses the password habits of individuals across the United States and Europe.

For the report, Keeper surveyed over 8,000 people. The survey focuses on the differences between what people say they do to ensure their cybersecurity, and what they actually do. The survey revealed that many people are overconfident in their overall security health and that there is a clear disconnect between people’s actions and their perception. The report also found that older generations are more likely to practice good password security than their younger peers. Overall, cybersecurity and password best practices were revealed to be an enigma. Individuals think they are protected, but based on the actions those same individuals take, that confidence may be misplaced.

People Overestimate Their Security 

The majority (51%) of respondents in the survey reported that “Cybersecurity is easy to understand.” Additionally, a full quarter of respondents reported that not only was cybersecurity an easy concept to grasp, but they actively take steps to protect themselves. Only 10% of all respondents admitted to feeling overwhelmed by cybersecurity. For anyone who works in the field, that may jump out as a shockingly low number. After all, new threat vectors are being exposed every day, major ransomware gangs dominate newscycle on a regular basis and the sheer number of breaches has grown at a seemingly exponential rate. How then, could people feel so confident in their security posture?

The answer, worryingly, could be simple ignorance. For example, the survey found that only 25% of people are using strong, unique passwords for all their accounts, which leaves 75% of individuals with dangerously weak password practices. A third of respondents (34%) use strong passwords but repeat variations of them (for example Hockeyfan123 and 123Hockeyfan), a practice which is vulnerable to credential-stuffing attacks. Finally, a jaw dropping 14% of all respondents use simple, repeated passwords across their accounts.

Creating and remembering hundreds of unique passwords is a mammoth task, and one most people neither have the time or energy to tackle. As a result, people tend to ignore advice from cybersecurity experts, government bodies and other experts, instead choosing to imagine that cyber risk does not apply to them.

Older Demographics Have Better Password Management

Not all individuals are hopelessly vulnerable, and contrary to popular belief, it is not the younger generation that has the best password management practices. In fact, 29% of Baby Boomers (aged 59-77 years) use strong, unique passwords versus only 20% of Gen Z (aged 16-26 years) respondents.

Older generations may be more in tune with the reality of sophisticated and ever present cyberthreats, or they may just have more to lose should a breach occur. Either way, we as an industry need to do more to educate users and improve their understanding of the tactics that can help people avoid a costly attack.

Bridging the Knowledge Gap

While advice on cybersecurity is abundant, Keeper’s survey reveals it is too overwhelming for over a third of people. Although respondents claim that strong passwords are the most effective way for personal cybersecurity, the majority do not follow the industry-recommended password protection practices in their day-to-day lives. Keeper’s findings show that three-quarters of people fail to follow password best practices, yet almost everyone considers cybersecurity to be easy to comprehend.

Cybersecurity is essential to effectively protect our increasingly dependent online presence, yet many ignore the value of proper digital safety protocols. People should confront their overconfidence, fear, and apathy to secure their devices, identities, and accounts.  A first step is using a password manager like Keeper to create and store strong, unique passwords and passkeys for all of your accounts.

Source: Keeper Security