LastPass by LogMeIn this week released findings
of its third
Psychology of Passwords global report, revealing
that people aren't protecting themselves from cyber security risks even
though they know they should. Year after year there
is heightened global awareness of hacking and data
breaches, yet consumer password behaviors remain largely unchanged.
Data from the survey shows that 91 percent of people know that using the same
password on multiple accounts is a security risk, yet 66 percent
continue to use the same password anyway. With people spending more
time online, the evolution of cybersecurity
threats and the unchanged behavior in creating and
managing passwords creates a new level of concern around online
security.
Released in time for World Password Day, the global survey polled 3,250 individuals
across the United States,
Australia, Singapore, Germany, Brazil, and the United
Kingdom and provides evidence that increased knowledge of security
best practices doesn't necessarily translate into better password management.
Key findings include:
-
Global Cyber ThreatsContinue toSkyrocket
but Password Behaviors Unchanged
Password behaviors remain
largely unchanged from the same study conducted two years ago - translating to
some risky behaviors. 53 percent report not changing passwords in the
past 12 months despite a breach in the news. And while 91 percent know that
using the same password for multiple accounts is a security
risk, 66 percent mostly or always use the same password. This is
up 8 percent from our findings in 2018.
-
Security-conscious Thinking Doesn't Translate to
Action
The data showed several
contradictions, with respondents saying one thing and in turn, doing another.
77 percent say they feel informed on password best practices,
yet 54 percent still try to memorize passwords and
27 percent write them down somewhere. Similarly, 80 percent are
concerned with having their passwords compromised, and yet 48 percent never
change their password if not required.
-
Fear of Forgetfulness = Number One Reason for Password
Reuse
Most respondents
(66 percent) use the same password for multiple
accounts, which surprisingly has gone up 8
percent from our 2018 findings. Why? The fear
of forgetting login information continues to be the number one
reason for password reuse (60 percent), followed by wanting to
know and be in control of all of their passwords (52 percent).
-
Awareness andUsage of MFAIncreasing
The good news is there
is broad awareness and usage of Multifactor authentication (MFA). Fortunately,
54 percent say they use MFA for their personal accounts and 37 percent are
using it at work. Only 19 percent of survey respondents said they
did not know what MFA was.
Respondents are also very
comfortable with biometric authentication - using your fingerprint or face to
login to devices or accounts. 65% said they trust fingerprint or facial
recognition more than traditional text passwords.
"During a time where much of the world is working from home due to the
disruption caused by the COVID-19 pandemic, and people are spending more time
online, the cyber threats facing consumers are at
an all-time high. Individuals seem to be numb to the
threats that weak passwords pose and continue to exhibit behaviors
that put their information at risk," said John
Bennett, SVP & GM of Identity and Access Management at
LogMeIn. "Taking just a few simple steps to improve how you
manage passwords can lead to increased
safety for your online accounts, whether personal or
professional. Make World Password Day 2020 the tipping point for a change
in your password behavior."
Grab a copy here: Fullreport &
Infographic