Blog Data Security

Do Americans Ever Change Their Passwords?

Just how cautious are Americans when it comes to cybersecurity? In today’s hyper-connected, highly-digitized society, data breaches are becoming increasingly commonplace. And they affect both corporations and individuals. In 2017...
Rob Sobers
2 min read
Last updated October 14, 2022

Contents

    Just how cautious are Americans when it comes to cybersecurity?

    In today’s hyper-connected, highly-digitized society, data breaches are becoming increasingly commonplace. And they affect both corporations and individuals. In 2017 alone, the Equifax breach — considered by some to be the worst security breach in recent history — put 145.5 million Americans at risk of exposed information and identity theft.

    Get the Free Pen Testing Active Directory Environments EBook

    “This really opened my eyes to AD security in a way defensive work never did.”

    Additionally, a Gmail phishing attack last year put 1 million users at risk of exposed information, and an Instagram hack revealed the contact information of 6 million users. Yahoo also revealed that a 2013 data breach affected the private information associated with all of their users — 3 billion in total.

    According to the Pew Research Center, 64 percent of Americans have experienced some type of data breach in their lifetime. Despite this, the center found that the majority of Americans fail to follow cybersecurity best practices in their own digital lives.

    In an effort to uncover more on password security habits (and associated feelings of cybersecurity), we put these numbers to the test. Read on to discover what we found after surveying 1,000 Americans.

    Americans and Password Security

    While cyberattacks are top-of-mind for many Americans, first-hand experiences and worry about imminent attacks doesn’t seem to get people to change their digital habits.

    Despite the Pew Research Center’s report that the majority of Americans have personally experienced a major data breach and even anticipate an attack within the next five years, the majority of adults surveyed still seem largely unconcerned with personal password safety.

    The most common reason users change their passwords is because they’ve simply forgotten their current one. Half of people surveyed cited this as the most common reason to change a password. In contrast, despite the increasing amount of hacks in the news cycle, only 1 in 5 Americans said they change their password as a result of a hack in the news.

    americans changing their passwords data

    Which Password Is Changed Most Often?

    Our research revealed that the most common password Americans change is the password to their online banking or loans account, at 29 percent.

    which passwords do americans change data

    This is perhaps unsurprising, considering that financial security is one of the major concerns for Americans when it comes to cybersecurity. According to Pew, 66 percent of Americans anticipate the banking and financial systems to experience major cyberattacks in the near future, 41 percent say that they’ve experienced credit card fraud, and 14 percent have had loans taken out in their name.

    However, recent hacks in the news have shown that individual users are increasingly affected across a number of entities, including email, social media, online shopping, and software and applications.

    How Are Passwords Saved?

    Our research also found that the majority of Americans use memorization or pen and paper to keep track of their passwords.

    This is in contrast to the password best practices outlined by cybersecurity professionals, which recommend using third-party password management services, changing passwords on a regular basis and most importantly, never leaving passwords accessible or in plain text.

    how do americans remember passwords

    Although there are some memory tricks you can use to remember complex passwords, memorization can be difficult, given that ideal passwords are meant to be a combination of letters, numbers and symbols. Additionally, using the same password for different sites isn’t recommended.

    Despite the fact that password management services are the easiest and most highly recommended form of keeping passwords safe, only 7 percent of respondents said that they use this kind of software to keep track of their passwords.

    We found that the biggest demographic difference in how people manage and remember their passwords is between men and women. Both men and women agree that memorization is the best way to remember a password. However, men are considerably more likely to use password managing software.

    men vs. women password management data

    In all, there seems the be a major discrepancy between Americans’ real-life experiences with cyber breaches and their personal online practices. Learn more about how Americans approach cybersecurity and password security by downloading our full infographic, below.

    click to download button

    What should I do now?

    Below are three ways you can continue your journey to reduce data risk at your company:

    1

    Schedule a demo with us to see Varonis in action. We'll personalize the session to your org's data security needs and answer any questions.

    2

    See a sample of our Data Risk Assessment and learn the risks that could be lingering in your environment. Varonis' DRA is completely free and offers a clear path to automated remediation.

    3

    Follow us on LinkedIn, YouTube, and X (Twitter) for bite-sized insights on all things data security, including DSPM, threat detection, AI security, and more.

    Rob Sobers
    Rob Sobers Rob Sobers is a software engineer specializing in web security and is the co-author of the book Learn Ruby the Hard Way.

    Try Varonis free.

    Get a detailed data risk report based on your company’s data.
    Deploys in minutes.
    Get started View sample

    Keep reading

    Varonis tackles hundreds of use cases, making it the ultimate platform to stop data breaches and ensure compliance.

    do-executives-and-cybersecurity-pros-agree-on-today’s-biggest-cyber-threats?
    Do Executives and Cybersecurity Pros Agree on Today’s Biggest Cyber Threats?
    do-executives-and-cybersecurity-pros-agree-on-today’s-biggest-cyber-threats?
    Rachel Hunt
    March 29, 2020
    Breaches cost companies billions, erode trust and can have a long-lasting negative impact on a company’s brand. With so much as stake, we wondered: are C-Suite executives aligned with their...
    everything-you-need-to-know-about-cyber-liability-insurance
    Everything You Need to Know About Cyber Liability Insurance
    everything-you-need-to-know-about-cyber-liability-insurance
    Josue Ledesma
    July 7, 2021
    Cyber insurance is a necessary component of any IT or cybersecurity department responsible for protecting the assets, data, reputation, and bottom line of a company in the face of cybersecurity…
    polyrize-acquisition
    Polyrize Acquisition
    polyrize-acquisition
    Yaki Faitelson
    October 26, 2020
    I’m excited to announce today our agreement to acquire Polyrize, a software company whose team and products are a natural fit as part of the Varonis family. This is the first company Varonis has acquired, and I want to give you some background on the strategic rationale for today’s announcement.
    what-is-cyber-espionage?-complete-guide-with-protection-tips
    What is Cyber Espionage? Complete Guide with Protection Tips
    what-is-cyber-espionage?-complete-guide-with-protection-tips
    Robert Grimmick
    June 16, 2022
    Cyber espionage is the unauthorized use of computer networks to access privileged information. Read on to learn more about this growing worldwide problem.