Most people believe they're more secure online than they really are
New research commissioned by Google, carried out by Harris Poll and released to coincide with Safer Internet Day suggests there is a gap between perception and reality when it comes to online security.
The majority of people (69 percent) give themselves an A or B when it comes to protecting their online accounts -- only five percent give themselves a D or an F. In fact, most people (59 percent) believe that their accounts are safer from online threats than the average person and 61 percent say they are too smart to fall for a phishing scam.
But despite this confidence, many respondents described practices, often related to passwords, that could put their data at risk. The results show 65 percent of respondents reuse the same password for multiple accounts, with 51 percent reporting that they have a favorite password they use for most of their accounts.
While 53 percent understand that using letters, numbers and symbols is a best practice for creating passwords, only 39 percent say they actually follow this guideline. Just one in four (23 percent) believe that making passwords long is an important best practice. And, despite commonly using personal information to create passwords -- for instance 24 percent of 16-24 year-olds use their name or nickname -- the majority (85 percent) believe their passwords would be hard for someone to guess.
The majority of people say they wish they had a better way to keep track of their passwords (61 percent) and have too many passwords to remember (60 percent). Half often forget their passwords and have to reset them (49 percent) or write their passwords down on paper (50 percent). Seven percent have never changed the password of their most used account. Yet despite this only 24 percent report using a password manager.
There is some good news, a majority of respondents have either an email address (87 percent) or mobile device/cell number (73 percent) tied to their accounts as recovery information. Most users understand the importance of software updates too, 79 percent of respondents believe that updating security software is very important or absolutely essential to their online security.
That said there's still some ignorance around online threats and security tools. Only 32 percent of people surveyed could correctly define phishing, password manager, and 2FA. 19 percent were unable to define any of these terms. 31 percent are not using 2FA at all or don’t know if they are using it.
There are some interesting generational differences too. 16-24 year-olds are more likely to use 2FA (76 percent compared to 69 percent overall) and to regularly update their desktop, mobile, and web applications (63 percent vs 56 percent). However they are less likely to have changed the password of their most used account within the past year (29 percent vs 13 percent), and to know what ‘phishing’ means (44 percent vs 60 percent).
By contrast 50+ year-olds are more likely to believe that updating security software is very important or absolutely essential (84 percent vs 79 percent) and to use a different password for every account (40 percent vs 35 percent). But they are less likely to link recovery information, like a phone number, to their accounts (58 percent vs 87 percent) and to use password managers (17 percent vs 24 percent).
You can see details of the research in the infographic below and Google has some handy tips for staying safer online on its blog.