Having your personal information compromised through a data breach can have a lot of negative consequences, including identity theft, various types of fraud, damage to your credit score, and more.
According to our survey, 21.1% of respondents have had a financial account breached, including banking, credit cards, and PayPal. Email hacks accounted for 19.3% of all security breaches, while 18.8% of respondents said they’ve had a social media account breached.
The 2017 Equifax data breach, which affected over 140 million Americans, was highlighted as well — 7.7% of respondents selected this data breach as a way their personal information was stolen.
Despite the prevalence of these high-stakes types of data breaches — those that contain sensitive information — people don’t seem convinced in the importance of good password habits, including using different, strong passwords for every account.
According to experts, one of the most dangerous password habits is reusing passwords across multiple sites and accounts. Most Americans are aware of this, although how seriously they heed these warnings depends on age, to a degree.
Our survey found that 19.4% of individuals aged 18-34 don’t believe that using the same password or a variation of the same password is risky, compared to 14% of those aged 35-54, and 14.1% of those 55 and older.
While the majority of people know that using the same password or a variation thereof is risky, 23.5% of survey respondents said they do it anyway. This reveals a level of cognitive dissonance when it comes to safe and smart password habits.
Given the fact that a higher number of people aged 18-34 said they don’t believe reusing passwords is risky, it’s not surprising that more people in that age group said they reuse passwords. Twenty-nine percent of 18-34 year-olds reuse passwords, compared to 24.9% of 35-54 year-olds, and 18.7% of people aged 55 and over.
Part of this may stem from the sheer number of password-protected accounts and devices we have in our lives. A recent study found that the average person has 70-80 accounts that require passwords. Considering that many programs have specific password parameters in place, it’s not surprising that people turn to a variety of tactics — many of them risky — to keep track of it all.
Nearly 40% of survey respondents said they write their passwords on paper to remember them, while 22% said they store passwords on their phone or another device. Meanwhile, 30% of respondents said they rely solely on their memory.
Despite the fact that password managers exist to help people keep track of this information, only 22.5% of Americans use a password manager app. Their usage is most common among couples who are living together; 35.4% of those who are cohabitating use a password manager, compared to 21.5% of single people.
A lack of trust is the most common reason why people do not use password managers, according to our survey. Thirty-four percent of respondents said they worry that their password manager could be hacked, while 30.5% said they don’t trust password manager companies with their information.
Fears of password manager hacking were more prevalent among individuals 55 and older, 37.4% of whom said they don’t use a password manager for this reason. Also among this age group, 20.1% of respondents said they don’t use a password manager because they didn’t know what a password manager is, compared to 12% of 35-54 year-olds, and 14.1% of 18-34 year-olds.
About 10% of individuals said, rather than use a password manager, they use multi-factor authentication (MFA) to protect their accounts. Multi-factor authentication requires additional steps or credentials, such as facial recognition, fingerprint, or security questions, to access an account. While MFA does provide better security than a password alone, it is still not a widely used security method.
Beyond not currently using a password manager, 48.4% of individuals say that nothing could motivate them to use one in the future.
Experiencing some type of data breach, including getting an important account hacked, or experiencing identity theft or financial losses, would motivate 35.8% of people to start using a password manager.
Cost and ease of use also play a role in whether people would start using a password manager. Twenty-eight percent of respondents said they would use a password manager if it were free, while 22.6% said they would try a password manager based on shareability and importability. It should be noted that although most popular password managers cost around $3 per month, there are free options available.
However, only 7.9% of those surveyed said they would consider using a password manager if they couldn’t rely on memory alone to keep track of their passwords.