recommended reading

Not Even Being Hacked Can Get Americans to Change Their Crappy Passwords


Between hacking, phishing and the internet of things, cyberattacks are a growing threat—and most Americans seem to know that. They just can’t be bothered to do anything about it.

According to a survey of 1,040 U.S. adults by the Pew Research Center, a majority of Americans have experienced some sort of data breach, with credit card fraud being the most common. More than a third have had sensitive information—financial, health, or other personal data—compromised, and 15 percent have had their Social Security number compromised.

Americans are also feeling the anxiety caused by a slew of massive hacks and cyberattacks. Distributed denial-of-service attacks, like the one that temporarily took down Twitter and Spotify in October, grew 30-fold between 2011 and 2014. Pew’s survey found nearly half of Americans believe their personal information is less secure now than it was five years ago.

Americans don’t put much stock in the public or private sector’s capacity to prevent hacks, either. Some 28 percent expressed a lack of confidence in the federal government’s ability to keep their personal information safe; 24 percent said the same about social media; 15 percent about credit card companies, cell service providers and companies they do business with; and 13 percent about cellphone manufacturers and email providers.

And yet, a majority of Americans continue to engage in digital practices that make it easier for hackers to gain access to their info. More than half use (insecure) public Wi-Fi networks on their phones. Forty-one percent share online passwords with friends and family members, 39 percent use similar passwords across multiple accounts, and 25 perecent use simple easy-to-guess passwords.

“[Sixty-nine percent] of online adults say they do not worry about how secure their online passwords are—more than double the share (30 percent) that admits to having worries about their personal password security,” Pew found. (One bright spot: More than half of online adults said they use two-step authentication on at least some of their online accounts.)

Pew’s survey backs up other findings on Americans’ cybersecurity habits. A data-dump of user passwords from music-streaming platform found “123456” and “password” are still among the commonly used.

While the administration being ushered in President Donald Trump has yet to outline plans for dealing with cybersecurity, there have been some worrying signs. Trump has allegedly refused to give up his own personal (non-secure) Android phone, and the head of Trump’s cybersecurity group—former New York City Mayor Rudy Giuliani—has a company website laden with security pitfalls. Trump’s cabinet has also emphasized the threat of terrorism far more than threats perpetrated by “cyber superpowers” like Russia and China.

“Fully 70 percent of Americans expect that the United States will definitely (18 percent) or probably (51percent) experience a significant cyberattack on its public infrastructure (such as air traffic control systems or power grids),” Pew found. Similar proportions of the public shared concern about breaches in the banking and financial sectors.

So Americans are worried… just not enough to protect themselves. Maybe Trump—a devoted adherent of printouts, PDFs and courier service—has it right after all.

Threatwatch Alert

Thousands of cyber attacks occur each day

See the latest threats


Close [ x ] More from Nextgov

Thank you for subscribing to newsletters from
We think these reports might interest you:

  • Modernizing IT for Mission Success

    Surveying Federal and Defense Leaders on Priorities and Challenges at the Tactical Edge

  • Communicating Innovation in Federal Government

    Federal Government spending on ‘obsolete technology’ continues to increase. Supporting the twin pillars of improved digital service delivery for citizens on the one hand, and the increasingly optimized and flexible working practices for federal employees on the other, are neither easy nor inexpensive tasks. This whitepaper explores how federal agencies can leverage the value of existing agency technology assets while offering IT leaders the ability to implement the kind of employee productivity, citizen service improvements and security demanded by federal oversight.

  • Effective Ransomware Response

    This whitepaper provides an overview and understanding of ransomware and how to successfully combat it.

  • Forecasting Cloud's Future

    Conversations with Federal, State, and Local Technology Leaders on Cloud-Driven Digital Transformation

  • IT Transformation Trends: Flash Storage as a Strategic IT Asset

    MIT Technology Review: Flash Storage As a Strategic IT Asset For the first time in decades, IT leaders now consider all-flash storage as a strategic IT asset. IT has become a new operating model that enables self-service with high performance, density and resiliency. It also offers the self-service agility of the public cloud combined with the security, performance, and cost-effectiveness of a private cloud. Download this MIT Technology Review paper to learn more about how all-flash storage is transforming the data center.


When you download a report, your information may be shared with the underwriters of that document.