Despite repeated warnings about the use of overly simple passwords or reusing the same password over again, a recent survey by Pew Research Center has found that poor password management and a lack of digital security practices is putting people at risk of damaging personal data breaches that could lead to identity or financial theft.

The Current State of Password Management

According to the research, almost two-fifths of Americans admit that they generally use passwords that are either the same or very similar to each other, in an attempt to make them easier to remember. Memorization is the primary method used to remember passwords — indicating that they’re simple rather than complex — followed by pen and paper. Simple passwords can be guessed or cracked with relative ease, and a password that has been written down can be found and used by another person.

Together, these two methods for password management are used most of the time by 83 percent of respondents. And the risks of these methods are clear: Of those who have experienced data breaches, 63 percent say that their primary method of password management is recalling passwords from memory.

Other ways that people are putting themselves at risk of data breaches are sharing passwords with family and friends, not updating smartphone apps and operating systems on a timely basis, and using unsecured Wi-Fi connections. They’re using these unsecured connections — such as those provided in cafes and libraries — even when performing sensitive transactions such as online banking. Updates often contain essential security patches, and public Wi-Fi connections are a common target for hackers.

Secure Your Business With Biometrics

White Paper

Explore the possibilities of biometric authentication in this white paper. Download Now

Another area of concern is that more than one-quarter of people don’t use a lock screen to prevent others from gaining access to their mobile devices, providing rich pickings for those looking to steal sensitive personal information. If a person doesn’t have a screen lock enabled, a hacker who is able to gain physical access to a device could also gain access to sensitive information stored on it.

Simple Best Practices for Improving Security

By making just a few changes, users can vastly improve their personal security. Among the practices that cybersecurity experts recommend is the use of password management software that helps users to store and manage passwords. Such applications can create strong passwords for users and store them in encrypted form, either on a device or in the cloud.

Another best practice is the use of stronger, two-factor means of authentication, such as a security token or one-time passwords sent to mobile devices via a text message, especially when accessing sensitive data or making financial transactions.

A majority of survey respondents (52 percent) say they use stronger authentication methods for at least one of their online accounts. Social identities, such as logins to social media sites, are used by 39 percent to log in to other online services, which at least means that they’re not having to remember or write down as many passwords, helping to improve security.

Increasingly, biometrics are being used as an alternative to passwords, providing much greater convenience for users, who don’t have to remember complex passwords or carry an additional form of authentication such as a token. Samsung Pass, which is available on the Samsung Galaxy S8, unlocks the potential of iris and fingerprint scanning across industries. It offers password-free login using biometrics that are extremely difficult to duplicate, providing the ideal blend of security and convenience. The 2017 Biometric Market Research Report shows that the biometric authentication market will grow at an average of more than 19 percent through 2021.

Using a Secure Mobile Platform

One of the best ways to improve mobile security and reduce the chances for data breaches is to use a device that offers a secure mobile platform to protect access to applications and the sensitive data they contain. By using a secure platform, all access is locked and protected with sensitive data encrypted. A platform that enables alternative forms of authentication, such as fingerprint scanning, can take away the stress and uncertainty of password management.

Passwords are the first line of defense against unauthorized access to sensitive data. With just a few small changes, risks can be reduced and users can feel confident that their valuable information is protected.

Advanced biometric technology on the Galaxy S8 allows users to unlock their phone simply with a look or touch.

Posts By

Fran Howarth

Fran Howarth is an industry analyst specializing in security. She has worked within the security technology sector for over 25 years as an analyst, consultant and writer. Fran focuses on the business needs for security technologies, with a focus on emerging technology sectors. Current areas of focus include mobile security, cloud security, information governance and data security, identity and access management, network and endpoint security, security intelligence and analytics, and security governance and regulations. Follow Fran on Twitter: @FranNL

View more posts by Fran Howarth