LastPass Psychology of Passwords Report Reveals 91% of People Know Password Reuse is Insecure, Yet Two Thirds Do It Anyway

Cognitive dissonance prevails, unchanged behaviors create new online security concern


BOSTON, May 05, 2020 (GLOBE NEWSWIRE) -- LastPass by LogMeIn today released findings of its third Psychology of Passwords global report, revealing that people aren’t protecting themselves from cyber security risks even though they know they should. Year after year there is heightened global awareness of hacking and data breaches, yet consumer password behaviors remain largely unchanged. Data from the survey shows that 91 percent of people know that using the same password on multiple accounts is a security risk, yet 66 percent continue to use the same password anyway. With people spending more time online, the evolution of cybersecurity threats and the unchanged behavior in creating and managing passwords creates a new level of concern around online security.

Released in time for World Password Day, the global survey polled 3,250 individuals across the United States, Australia, Singapore, Germany, Brazil, and the United Kingdom and provides evidence that increased knowledge of security best practices doesn’t necessarily translate into better password management.

Key findings include:

  • Global Cyber Threats Continue to Skyrocket but Password Behaviors Unchanged
    Password behaviors remain largely unchanged from the same study conducted two years ago — translating to some risky behaviors. 53 percent report not changing passwords in the past 12 months despite a breach in the news. And while 91 percent know that using the same password for multiple accounts is a security risk, 66 percent mostly or always use the same password. This is up 8 percent from our findings in 2018.

  • Security-conscious Thinking Doesn’t Translate to Action
    The data showed several contradictions, with respondents saying one thing and in turn, doing another. 77 percent say they feel informed on password best practices, yet 54 percent still try to memorize passwords and 27 percent write them down somewhere. Similarly, 80 percent are concerned with having their passwords compromised, and yet 48 percent never change their password if not required.
                 
  • Fear of Forgetfulness = Number One Reason for Password Reuse
    Most respondents (66 percent) use the same password for multiple accounts, which surprisingly has gone up 8 percent from our 2018 findings. Why? The fear of forgetting login information continues to be the number one reason for password reuse (60 percent), followed by wanting to know and be in control of all of their passwords (52 percent).
                 
  • Awareness and Usage of MFA Increasing
    The good news is there is broad awareness and usage of Multifactor authentication (MFA). Fortunately, 54 percent say they use MFA for their personal accounts and 37 percent are using it at work. Only 19 percent of survey respondents said they did not know what MFA was.
    Respondents are also very comfortable with biometric authentication – using your fingerprint or face to login to devices or accounts. 65% said they trust fingerprint or facial recognition more than traditional text passwords.

“During a time where much of the world is working from home due to the disruption caused by the COVID-19 pandemic, and people are spending more time online, the cyber threats facing consumers are at an all time high. Individuals seem to be numb to the threats that weak passwords pose and continue to exhibit behaviors that put their information at risk,” said John Bennett, SVP & GM of Identity and Access Management at LogMeIn. “Taking just a few simple steps to improve how you manage passwords can lead to increased safety for your online accounts, whether personal or professional. Make World Password Day 2020 the tipping point for a change in your password behavior.” 

Resources

Survey Methodology

The Psychology of Passwords survey was commissioned by LastPass and fielded by independent panel research firm Lab42 from March 5-15, 2020. The responses were generated from a survey of 3,250 adults, ages 18 to 60 who have multiple online accounts. Survey respondents represented the United States, Germany, Brazil, Australia, Singapore and the United Kingdom. Where possible, results were compared with the 2018 Psychology of Passwords survey commissioned by LastPass.

About LastPass
LastPass is an award-winning password manager helping more than 16 million users organize and protect their online lives. For more than 58,000 businesses of all sizes, LastPass provides identity and access management solutions that are easy to manage and effortless to use. From single sign-on and enterprise password management to adaptive multifactor authentication, LastPass for Business gives superior control to IT and frictionless access to users. For more information, visit https://lastpass.com.
LastPass is a trademark of LogMeIn in the U.S. and other countries.

About LogMeIn, Inc.

LogMeIn, Inc. (NASDAQ: LOGM) simplifies how people connect with each other and the world around them to drive meaningful interactions, deepen relationships, and create better outcomes for individuals and businesses. One of the world’s top 10 public SaaS companies, and a market leader in unified communications and collaboration, identity and access management, and customer engagement and support solutions, LogMeIn has millions of customers spanning virtually every country across the globe. LogMeIn is headquartered in Boston, Massachusetts with additional locations in North America, South America, Europe, Asia and Australia.

Media Contact:
Lauren Christopherson
press@lastpass.com