The majority of users still protect their valuable virtual assets with nothing more than passwords, despite the method being considered susceptible to all kinds of attacks, a new report from Yubico claims.
The hardware authentication key provider surveyed 20,000 people around the world to gauge their perceptions about cybersecurity, and found that the majority (58%) still use usernames and passwords to log into personal accounts (as opposed to biometrics, for example) . Additionally, 54% use the same method to log into work accounts.
At the same time, many (39%) feel that the username and password are the most secure means of authentication. A similar percentage (37%) feel the same about SMS-based authentication, despite both being proven to be susceptible to phishing.
Compromised accounts
Interestingly, the vast majority of respondents (72%) are also aware that online scams and phishing attacks have become increasingly sophisticated. For two-thirds (66%), they have also become more successful. They all agree that the rapid advancement of artificial intelligence (AI) has played a key role in this.
As a result, people are constantly losing access to their accounts. The most compromised passwords are also those that protect the most valuable assets: personal and financial information. That said, social media accounts are the most frequently hacked (44%), followed by payment app accounts (24%), online retailer accounts (21%), messaging apps (17%), and banking apps (13%).
To make matters worse, 40% of respondents have never received any form of cybersecurity training from the organization they work for. Furthermore, only a quarter (27%) believe the security options their companies have in place are sufficient.
“This includes adopting stronger authentication methods to become phishing-resistant, promoting a culture of security awareness through consistent employee training, and more,” said Derek Hanson, VP Standards and Alliances at Yubico.
“Ultimately, building a united front against cyber threats requires a concerted effort to bridge the gap between perceived and actual security. By integrating advanced security measures into all aspects of our digital lives, we can better protect ourselves, our data and our organizations.”