A New Study Revealed That 41% of Participants Reused the Same Password on All Accounts
Cybersecurity professionals often assume that users simply don't know enough about the threats they can encounter online. This may not necessarily be true, though. According to TechAdvisor, a recent survey conducted by F-Secure revealed that about 65% of internet users are worried about the possibility of identity theft. About 5 thousand people from 12 countries took part in the study, which isn't exactly a small sample, and it took place in May, which goes to show that the results can serve as a good illustration of the current situation.
Table of Contents
Users are familiar with the dangers, but what are they doing about it?
Not a whole lot, unfortunately. If you think about the things you can do to protect yourself from identity theft, the first action that would come to mind is a serious audit of your passwords and a review of the password management practices you employ. Yet, about 41% of the participants in F-Secure's survey admitted that they reuse the same passwords on multiple accounts. Furthermore, 56% said that they make slight modifications to one and the same password before using them on many different websites.
Are users unaware of how dangerous password reuse could be?
This seems unlikely. For years now, cybersecurity specialists have been reiterating the importance of the use of unique passwords time and again, and people must have heard the advice.
For once, we can't blame the "it won't happen to me" attitude, either. During a similar study in April, just under 40% of all participants said that they have seen an online service they use get breached. Although credential stuffing is a relatively recent phenomenon, it's so widespread nowadays, that people must have heard of it, and they must be aware of the fact that if they reuse their passwords, a hacking incident at one service provider can result in the compromise of multiple accounts.
In other words, users know what the threat is, they are aware of the fact that they're doing something wrong, and they know how serious the consequences could be.
What’s the problem, then?
At least a part of the issue lies with the lack of choice. Cybersecurity experts have agreed that the only secure way of storing passwords is with a password manager. Despite the advice from the specialists, the numerous features they offer, and the fact that there are so many different password management products available on the market, many users simply refuse to be forced into using them and prefer instead to come up with their own methods, which clearly don't work.
The fact that a password manager that stores all your data in an encrypted digital vault is a relatively new concept doesn't help, either. Skeptics are scared that if their password manager gets hacked, all their accounts will be exposed, and they fail to notice how absurd this statement is given the fact that so many of them reuse the same password for multiple online services. Some are reluctant to even try using a password manager and instead claim that it causes additional inconvenience when, in fact, it does the exact opposite.
Whatever you think, the fact of the matter is, at this point in time, the password manager simply doesn't have an alternative. Leading technology companies are trying to come up with a viable authentication method that doesn't rely on a password, but for now, a breakthrough is still a long way away, and we're stuck with the current system and all its pitfalls.
The best way to utilize it is to use a password manager and enable two-factor authentication wherever possible. It's the first and most important step towards protecting yourself from identity theft.
