The new study, undertaken by Harris Interactive for ESET, questioned more than 2000 people online from August 27–29, 2012 on their use of passwords. Passwords remain by far the primary method of authentication on the internet, and remain fundamental to our security and privacy. ESET security evangelist Stephen Cobb released partial data from the results in a blog yesterday – and the results are fascinating to say the least.
The initial surprise is the relatively high percentage of users now employing ‘strong’ passwords: 84%. Cobb is optimistic. “While cynics might say this result just reflects an increase in the number of online authentication systems that enforce strong password rules,” he comments, “I’m inclined to think it shows some progress in the general understanding of what is meant by ‘strong password’.”
Unsurprising, because it has been noted many times in the past, young people are less security conscious than their older counterparts. Seventy-seven percent in the 18–34 age-group use strong passwords, while 89% in the 55+ group do so. The reason has never been clear. Are young people, who have grown up with Facebook and smartphones, simply too relaxed about technology? Or are there deeper reasons for the difference.
Other results indicate there may be. Married people (89%) take more care than single people (77%). Higher income (rich) people (88%, and 89% for the very highest bracket) take more care than lower income (poor) people (79%). Employed and retired people (86%) take more care than students (77%).
There seem to be two main themes emerging here. In each case where greater care is taken, the people concerned are likely to be the older demographic. So do life’s negative experiences mount up as people get older, so that the older demographic is more cynical and untrusting and therefore more careful? Or is it that with age comes possessions; and the more people have to lose, the more effort they will take to protect it? This may take sociologists to provide an answer, but that answer might be one from which the security industry may benefit.