Approximately 28 per cent of Americans are "not confident at all that the federal government can keep their personal information safe," the Pew Research Center reported on Thursday, while also noting that many Americans fail to observe security best practices when online.
White House Press Secretary Sean Spicer appeared to validate these findings when he tweeted, for the second time in as many days, a string of letters and numbers that many believe was his Twitter account password.
The Pew report, "Americans and Cybersecurity," suggests that skepticism about the ability of government agencies and private companies to protect personal data is justified, as it notes that the majority of Americans (64 per cent) have been affected by some form of data theft: fraudulent charges, compromised personal information, online account hijacking, social security number misuse, or identity theft.
Given recently-disclosed security failures – such as Yahoo!'s admission that personal details for more than a billion user accounts had been stolen, and the Office of Personnel Management's loss of sensitive data on some 21 million current and former government employees – it's not difficult to see why such concerns might arise.
Yet Americans' bad personal experiences aren't translating into better security habits.
"[F]ully 84 per cent of online adults rely primarily on memorization or pen and paper as their main (or only) approach to password management," the report states. That's an approach that only scales well when people reuse the same password at multiple websites, and passwords that can be remembered often lack the complexity to resist dictionary-based attacks.
Unsurprisingly, 39 per cent of online adults say they use the same or very similar passwords for many of their online accounts, and 25 per cent admit to using passwords that are less secure than they might like because simple passwords are easier to remember.
Security experts tend to recommend a password management application, which obviates the need to remember multiple complex passwords.
But there's more. Some 28 per cent of smartphone owners say they don't bother to use a lockscreen, while 54 per cent say they use public, potentially insecure Wi-Fi networks. Worse still, 20 per cent acknowledge accessing public networks for online shopping and banking.
The Pew study observes that the majority of Americans (70 per cent) expect significant cyberattacks on the country's public infrastructure in the next five years. With so much disinterest in improving their own online security postures, that expectation appears destined to be a self-fulfilling prophecy. ®