Survey Finds Millennials Take A Casual Attitude Toward Cybersecurity

Visual Objects, an entity providing a visual guide to finding and hiring the best creative firms, surveyed 500 full-time U.S. employees to learn about how employees affect cybersecurity practices at their workplaces. The results are not encouraging.

Six-in-ten (63 percent) of full-time U.S. employees have recycled passwords on work accounts and devices. The data shows Millennial workers are 6.5 times more likely to always reuse work passwords than are Baby Boomers, who demonstrate safer password practices. Some observers think this is due to Millennials' comfort with technology, which encourages poor password behavior.

Currently, 63 percent of employees are not concerned about storing personal information on work devices. In an interesting twist, however, more than one-fourth of Baby Boomers (27 percent) are very comfortable with keeping personal information on work devices, despite associated cyber risks. However, only 17 percent of Millennials felt this way. In this case, observers believe that because Millennials have more technological devices, like a personal laptop, tablet, mobile phone, and game consoles, they spread their personal information over several devices, unlike the average Baby Boomer, who may only have the use of the work laptop for personal activities.

Although experts agree companies are responsible for determining security protocols, employees should take more responsibility to follow those protocols. "63 percent of Employees Reuse Work Passwords, Millennials Are Biggest Offenders" (Nov. 12, 2020).

Commentary and Checklist

Over 40 percent of IT leaders estimate that they could reduce their risk of breach by almost half simply by eliminating passwords. Almost every security leader (86 percent) would do away with passwords if they could. Almost three-in-four (72 percent) are actively looking to replace passwords. However, until passwords are replaced by other means of access such as digital devices, security keys, a fingerprint scan or facial scan by webcam, or by using Bluetooth, USB, or NFC devices to authenticate their login, or by biometric means such as voice, retinal, fingerprint, or facial recognition, passwords are here to stay.

When it comes to storing passwords, surveys show users believe the best methods of storage are their own memory (38 percent); password management apps (27 percent); physical notebooks (26 percent); a note app (six percent); or a sticky note (three percent). Although 38 percent say memory is the best way to store passwords, 54 percent of them admit to occasionally forgetting their passwords.

Forgetting passwords and taking the time to come up with new passwords for every account cause many users to simply reuse their favorite password over many accounts. This is exactly what cybercriminals hope you will do. Most malware spreads because once it cracks one password on a user’s machine, it finds other accounts that use that same password. Therefore, the single best way to prevent the spread of malware once you are infected is to use different passwords for every account and to change those passwords regularly. Use a two-factor authentication system or a password manager. Neither requires you to recall complex strings of characters, and both better protect data.

Here are some signs of password theft: 

  • Your financial accounts have been taken over.
  • Friends and family are getting emails or messages you did not send.
  • Your Sent Messages folder has messages you did not send or it has been emptied.
  • You cannot log into your email or social media account.
  • Your computer or device is hijacked, and a demand is made for money to release your computer.
  • Your social media account has posts you did not make.
  • Medical insurance claims you did not submit are reported.
  • Multiple unauthorized income tax returns are filed in your name.
  • Utility services accounts have start/stop orders unauthorized by you.
  • Bank accounts are drained of money.
  • Despite a good credit rating, you are denied credit.
  • You receive notices or calls from organizations or collection agencies, demanding payment for products or services you did not purchase.
  • Unauthorized credit card activity.
  • Your Wi-Fi is hijacked.
Finally, your opinion is important to us. Please complete the opinion survey: