LastPass released findings from its fifth annual Psychology of Password findings,
which revealed even with cybersecurity education on the rise, password
hygiene has not improved. Regardless of generational differences across
Boomers, Millennials and Gen Z, the research shows a false sense of
password security given current behaviors across the board. In addition,
LastPass found that while 65% of all respondents have some form of
cybersecurity education - through school, work, social media, books or
courses via Coursera or edX - the reality is that 62% almost always or
mostly use the same or variation of a password.
The goal of the LastPass Psychology of Passwords research is to showcase
how password management education and use can secure users' online
life, transforming unpredictable behavior into real and secure password
competence. The survey, which explored the password security behaviors
of 3,750 professionals across seven countries, asked about respondents'
mindset and behaviors surrounding their online security. The findings
highlighted a clear disconnect between high confidence when it comes to
their password management and their unsafe actions. While the majority
of professionals surveyed claimed to be confident in their current
password management, this doesn't translate to safer online behavior and
can create a detrimental false sense of safety.
Key findings from the research include:
-
Gen Z is confident when it comes to their password management, while also being the biggest offenders of poor password hygiene. As
the generation who has lived most of their lives online, Gen Z (1997 -
2012) believes their password methods to be "very safe." They are the
most likely to create stronger passwords for social media and
entertainment accounts, compared to other generations.
However, Gen Z is also more likely to recognize that using the same
or similar password for multiple logins is a risk, but they use a
variation of a single password 69% of the time, alongside Millennials
(1981 -1996) who do this 66% of the time. On the other hand, Gen Z is
the generation most likely to use memorization to keep track of their
passwords by 51%, with Boomers (1946 - 1964) the least likely to
memorize their passwords at 38%. - Cybersecurity education doesn't necessarily translate to action. With
65% of those surveyed claiming to have some type of cybersecurity
education, the majority (79%) found their education to be effective,
whether formal or informal. But of those who received cybersecurity
education, only 31% stopped reusing passwords. And only 25% started
using a password manager.
-
Confidence creates a false sense of password security. While 89%
of respondents acknowledged that using the same password or variation is
a risk, only 12% use different passwords for different accounts, and
62% always or mostly use the same password or a variation. To add to
that, compared to last year, people are now increasingly using
variations of the same password, with 41% in 2022 vs. 36% in 2021.
"Our latest research showcases that even in the face of a pandemic,
where we spent more time online amid rising cyberattacks, there
continues to be a disconnect for people when it comes to protecting
their digital lives," said Christofer Hoff, Chief Secure Technology
Officer for LastPass. "The reality is that even though nearly two-thirds
of respondents have some form of cybersecurity education, it is not
being put into practice for varying reasons. For both consumers and
businesses, a password manager is a simple step to keep your accounts
safe and secure."