Adobe Security Survey · Passwords • Fewer than one fourth of people use distinct passwords for each of their accounts • Many people store their passwords where others canfind
Post on 27-May-2020
2 Views
Preview:
Transcript
Adobe Security SurveyOctober 2016
Edelman + Adobe
EDELMAN INTELLIGENCE
Methodology
© COPYRIGHT 2016 DANIEL J EDELMAN INC.
I N TROD U CTI ON
Who?How many?
How?Nationally representative
sample of computer-owning
adults
Total: 2,001
Margin of error: ±2.2%
Millennials (636), Gen X (715), & Baby Boomers (650)*:
Margin of error: ±3.9%
Men (1,003) & Women (998)
Margin of error: ±3.1%
Online Quantitative
Survey
Coinciding with National Cyber Security Awareness Month (NCSAM), Edelman Intelligence, on behalf of Adobe, conducted a nationally representative survey of ~2,000 computer-owning adults in the United
States to gain insights into consumer behaviors around software updates, password control, and phishing.
When?September 7, 2016 –
September 16, 2016
*For the purposes of this study, Millennials are ages 18-34, Gen Xers are ages 35-54, and Baby Boomers are 55 or older
EDELMAN INTELLIGENCE
Key Findings Software Updates
• Almost two thirds of people update their software immediately
• Security and crash control are top reasons for updating software
• For those who do not update their software (a small subset), the top reason is they don’t trust that the update is legitimate
• Perceptions around software updates are genuinely positive
Passwords
• Fewer than one fourth of people use distinct passwords for each of their accounts
• Many people store their passwords where others can find them
• A majority of people do not update passwords regularly or frequently
Phishing
• While almost three fourths of people say they can identify phishing emails, more than one third believe they have been victims of phishing
• Four out of ten people would still open an email from an unknown sender, with Millennials the most gullible
© COPYRIGHT 2016 DANIEL J EDELMAN INC.4
Software Updates
EDELMAN INTELLIGENCE
Most people update their software when updates are first released
D ETA I L ED FI N D I N GS
Q1: Do you typically update the software on your computer when new updates are released? A software update is a (generally free) download that provides fixes for features that aren't working as intended or for security issues, or that adds minor software enhancements or compatibility with other software or hardware. Software updates are typically available directly through the software program or via the software maker’s website.
64%
30%
4% 1%
Yes, I do It varies depending on what the update is/is for
No, I don’t I’m not sure
Tendency to Update Computer SoftwareShowing total
EDELMAN INTELLIGENCE
Among those who typically update their software, security and crash prevention are top determinants
D ETA I L ED FI N D I N GS
Q3: You mentioned you typically update the software on your computer when new updates are released. Which, if any, are your reasons for doing so? Please select all that apply.
68% 68%62%
55%
36%
25%
It is important to install updates to keep my
computer safe and secure from hackers
Updating ensures my software is free of bugs and
runs more smoothly / crashes less often
I want to make sure all my devices, softwares,
programs, etc. remain compatible
I want to make sure I have the latest and greatest
features
I assume I have to or else I would compromise the
effectiveness of my software
I get sick of the reminders to update my software
Reasons for Updating SoftwareShowing those who typically update their software
EDELMAN INTELLIGENCE
Among the 1 in 3 who update their software on a variable basis, the types of fixes/improvements provided in an update are a determining factor
D ETA I L ED FI N D I N GS
Q2: What criteria do you consider when deciding whether or not to update your software? Please select all that apply.
63%
52%
52%
47%
46%
46%
40%
4%
The fixes or improvements provided in the update
How busy I am at the time
New features provided in the update
The time it takes to download/install the update
The software program
The software functionality
The software provider
Other
Decision-Making Criteria for Updating SoftwareShowing those whose updating habits vary
EDELMAN INTELLIGENCE
Among the vast majority who typically update, a plurality choose to be prompted as updates become available
D ETA I L ED FI N D I N GS
Q5: How do you typically update your software?
41%
34%
12%
9%
3%
0%
I typically choose to be prompted when new software updates are available
If the software has the option to install updates automatically without me being prompted or having to take any action, I choose this option
It varies depending on the software
I manually check for updates (e.g., via the menu option in the software itself or on the company's website)
I didn’t know there was more than one way to update software
None of the above
Typical Software Update MethodsShowing those who typically update their software
Baby Boomers who typically update their
software are more likely to choose automatic updates than Millennials (38% BB,
34% GX, 31% Mill)
EDELMAN INTELLIGENCE
Among those who typically update their software and choose to be prompted as updates become available, 1 in 3 update on the first notification; most require between 2 and 5 notifications
D ETA I L ED FI N D I N GS
Q8: If you receive update notifications, approximately how many times (on average), do you need to see a prompt to update the software on your computer before you actually do it?
36%
39%
21%
2%
2%
0%
0%
1
2
3 to 5
6 to 10
More than 10
I never update software on my computer
I update software on my computer but I don't receive update notifications/prompts
Average Number of Notifications Needed Before UpdatingShowing those who typically update their software and choose to be prompted when updates are
available
2 - 5
Major generational decline in updating after one prompt:
Millennials least likely to do so and Baby Boomers most likely (23% Mill vs 39% GX & 45% BB); Millennials are more likely to
need 3-5 notifications than their older counterparts
(30% Mill vs 21% GX & 12% BB)
First notification
Reminders
EDELMAN INTELLIGENCE
Of the small subset of respondents who do not typically update their software*, the # 1 reason cited is a concern an update may not be legitimate
D ETA I L ED FI N D I N GS
Q6: You mentioned you typically don’t update the software on your computer when new updates are released. Which, if any, are your reasons for not doing so? Please select all that apply. *Note: N is under 100, and therefore data is directional in nature
35%
27%
26%
26%
25%
25%
19%
17%
17%
2%
I don't always know if an update is legitimate vs a virus/malware/from a hacker
The timing of updates is often inconvenient (e.g., when I am in the middle of something)
I don't understand what software updates do
Updating takes too long / I don’t have time
Someone else updates my software for me
I don’t care about having up-to-date software
I don't think there is a benefit to updating my software
Installing updates can slow my computer down or make it crash
I forget to actually install them
I don't trust the software company providing the update
Reasons for Not Updating SoftwareShowing those who do not typically update their software*
(31 respondents)
(24 respondents)
(23 respondents)
(23 respondents)
(22 respondents)
(2 respondents)
(22 respondents)
(17 respondents)
(15 respondents)
(15 respondents)
EDELMAN INTELLIGENCE
A majority are equally or more diligent in updating mobile devices vs computers
D ETA I L ED FI N D I N GS
Q10: Compared to your computer(s), are you more or less diligent when it comes to installing updates on your…?
35%
48%
17%More diligentEqually diligentLess diligent
18%
58%
24%
Compared to their computer(s), consumers are…
when it comes to installing updates on their…
Smartphone TabletMillennials are most likely to be more diligent in updating their smartphones (45% Mill, 34% GX, 20% BB) and more likely than Baby Boomers to be more diligent
in updating their tablets (22% Mill vs 15% BB)
EDELMAN INTELLIGENCE
People recognize the importance of software updatesD ETA I L ED FI N D I N GS
Q9: Please complete the following sentence with the answer that best matches your opinion: I find updating software to be…?
3% 19% 20% 38% 21%
I Find Updating Software to be…Showing total
A total nuisance. They interrupt my computer use, so I hardly ever accept
software updates.
Somewhat inconvenient. I usually delay software updates until it’s
absolutely necessary.
Helpful. It reminds me that I need to update my software so I can
continue to be productive.
78% value software updates
Important. Having up-to-date software helps me protect my files and personal
identity.
Absolutely critical. I never want to put my personal or professional
information at risk.
Recognizing the value of updates is lowest among
Millennials (72% Mill, 80% GX, 82% BB); 1 in 4 Millennials find updates somewhat inconvenient
EDELMAN INTELLIGENCE
But general knowledge is relatively low…
D ETA I L ED FI N D I N GS
Q7: To what extent would you agree or disagree with each of the following statements?
11% 7% 8%27% 20%
16% 16% 14%
25%25%20% 26% 30%
24% 33%22% 25% 23%
15% 14%32% 26% 25%9% 8%
I know how to check if any of the software on a computer
needs to be updated
I have a clear understanding of what software updates do
and what the benefits of updating are
I update security software more often than other
softwares
I don’t really understand how software works in general
Downloading software updates can make my
computer more vulnerable
Software OpinionsShowing total
Strongly agree
Somewhat agree
Neither agree nor disagree
Somewhat disagree
Strongly disagree
Baby boomers are less likely than their younger counterparts to know know how to check if software
needs to be updated (49% BB, 55% GX, 58% Mill)
Total Agree 54% 51% 48% 24% 22%
© COPYRIGHT 2016 DANIEL J EDELMAN INC.14
Passwords
EDELMAN INTELLIGENCE
Consumers have lots of accounts to keep track of
D ETA I L ED FI N D I N GS
Q11: Approximately how many password-protected accounts do you have? Please consider accounts such as email, banking, entertainment (e.g., Netflix, social media), shopping, etc.
1%
68%
21%
9%
None 1 to 25 26 to 50+ Not sure…I lost track!
Number of Password-Protected AccountsShowing total
EDELMAN INTELLIGENCE
3 in 4 recycle their passwords across various accounts
D ETA I L ED FI N D I N GS
Q12: When signing up for password-protected accounts, which of the following best characterizes how you choose your passwords?
17%
28%31%
24%
I generally use the same password everywhere
I use unique passwords for my most sensitive accounts (e.g., banking, credit
card accounts, etc.) but for the most part I use the same passwords for my password-
protected accounts
I may use the same password on a few sites, but for the most part, I have unique
passwords for my password-protected accounts
I use a different password for each of my online accounts
Password Selection MethodShowing those with password-protected accounts
Millennials are least likely to use different passwords
for each account (18% Mill, 26% GX, 27% BB)
EDELMAN INTELLIGENCE
More than half (53%) use note-based methods to keep track of passwordsD ETA I L ED FI N D I N GS
Q13: How do you keep track of the password(s) for your password-protected accounts? (Please select all that apply)
50%
38%
12% 11% 10%
Memory - I can easily remember my password(s)
I keep a printed or handwritten list close to my computer
I save my passwords in a document on my computer
I use password management software
I keep a list in the Notes app on my cell phone
Ways of Keeping Track of Account PasswordsShowing those with password protected accounts
Note-based methods Note-based methods
EDELMAN INTELLIGENCE
Millennials favor memory methods, while Baby Boomers favor note-based
D ETA I L ED FI N D I N GS
Q13: How do you keep track of the password(s) for your password-protected accounts? (Please select all that apply)
69%
22%17%
52%
35%
9%
29%
56%
5%
Memory - I can easily remember my password(s) I keep a printed or handwritten list close to my computer I keep a list in the Notes app on my cell phone
Ways of Keeping Track of Account PasswordsShowing those with password-protected accounts by generations, significant differences only
Millennials Gen X Baby Boomers
68% of Baby Boomers use note-based password
management (a handwritten list, password document saved on their computer, or list in the notes
app of their phone) vs 49% of Gen X and 42% of Millennials
EDELMAN INTELLIGENCE
The most common criteria in selecting passwords is securityD ETA I L ED FI N D I N GS
Q14: Which of the following criteria do you consider when selecting a new password? (Select all that apply)
49%43% 41% 40% 39%
6% 5% 5%
Secure (e.g. a mixture of letters,
numbers and special characters, and more
than 10 characters)
Meets the advice or requirements of the
website or app
Meaningful to me, but not to anyone
else
Hard for others to guess
Easy to remember No special characters Sentences instead of words
Short (no more than six characters)
Password-Selection CriteriaShowing those with password-protected accounts
Baby Boomers are most likely to rely on website and app requirements to select
their passwords; Gen X is least likely, with Millennials falling in-between
(44% Mill, 36% GX, 48% BB)
EDELMAN INTELLIGENCE
But no matter the standard, the majority doesn’t update passwords regularly or frequently
D ETA I L ED FI N D I N GS
Q15: On average, how often do you change your passwords?
34%
28%
10%
14%
8%
1%4%
Rarely (less often than once a year on average)
Regularly (on average at least once a year)
Frequently (on average at least once every
month)
Only when prompted by the site
Only if I forget my password and have to
reset it
It depends on the account
Never
Frequency of Password ChangesShowing those with password-protected accounts
Millennials are most likely to admit they rarely change their passwords
(39% Mill, 29% GX, 33% BB); Gen X more likely to change passwords
regularly than Millennials (31% GX, 24% Mill)
© COPYRIGHT 2016 DANIEL J EDELMAN INC.21
Phishing
EDELMAN INTELLIGENCE
Most believe they can identify phishing Millennials are most confident
D ETA I L ED FI N D I N GS
Q20: Do you believe you are generally able to tell a phishing email from a legitimate email? Phishing is a form of fraud in which the attacker tries to learn information such as login credentials or account information by masquerading as a legitimate, reputable entity or person in email, IM or other communication channels.
70%
11%
18%
Yes
No
Unsure
Perceived Ability to Identify Phishing EmailsShowing total
Millennials are considerably more likely to believe they can identify a phishing email than
their older counterparts(80% Mill, 69% GX, 63% BB)
EDELMAN INTELLIGENCE
Yet nearly 4 in 10 believe they may have been victims of phishing
D ETA I L ED FI N D I N GS
Q22: Do you believe you have ever been the victim of phishing?
19% 19% 19%
43%
Yes, I know I have Yes, I believe I have but am not certain I have no idea No, I do not believe I have ever been a phishing victim
Phishing VictimizationShowing total
38% say YES
Millennials are more likely than their older counterparts to say they have not been victimized
(49% Mill, 41% GX, 40% BB)
EDELMAN INTELLIGENCE
With emails, people are suspicious of many different items; whether or not the sender is known is a key indicator
D ETA I L ED FI N D I N GS
Q21: What criteria do you use to determine whether an email is legitimate or not? Please select all that apply.
67% 66% 63%58% 58%
54%50% 49% 46%
Whether or not I know the sender
Email address of sender
Email requests personal
information
Subject line Name or title of sender
Email discusses money, banking, or
finances
Presence of unrequested attachments
Presence of unrequested links
Address of unrequested links
Criteria Used to Determine Email LegitimacyShowing those who believe they can identify a phishing email
EDELMAN INTELLIGENCE
But 4 in 10 would open an email from an unknown sender Millennials are most likely to take actions that may put them at risk
D ETA I L ED FI N D I N GS
Q16: Do you typically open emails you receive from unknown senders?
8%10%
22%
1%
15%
44%
Yes, I always open the emails I receive
Yes, but only if the subject line or email
preview content interests me
Yes, but only if the email appears
legitimate despite the fact that I do not
personally know the sender
Yes, for another reason Only by mistake No, I never open emails from unknown senders
Behavior Around Opening Emails From Unknown SendersShowing total
41% say YES
More than half of Millennials open emails from unknown senders (52% Mill, 38% GX, 33% BB);
Half of Baby Boomers never open emails from unknown senders, even by mistake (34% Mill, 46% GX, 50% BB)
EDELMAN INTELLIGENCE
1 in 3 would be more likely to open an email if it appeared to be from a service they use – a common ploy among phishers
D ETA I L ED FI N D I N GS
Q17: What would make you more likely to open an email from an unknown sender? Please select all that apply*Answer choice asked of those who work full or part time only
33%
25%
15%
10%
10%
9%
4%
41%
If the sender appeared to be affiliated with a service I already use (e.g., my bank, asocial media site I belong to, etc.)
If the sender seemed important (for example, emails from job recruiters, etc.)
If the subject was about re-setting an account password – I want to make sure no onehas hacked my accounts.
If the subject line or email preview discussed financial matters – I want to make sure Idon’t accidentally ignore something important.
If it were sent to my work email – I want to be sure I’m on top of all my workcorrespondence.*
It was sent to my personal email – I’m always connecting with new people and want tomake sure I don’t miss any opportunities.
If there was an attachement included
None of the above
Scenarios That Would Increase Likelihood of Opening Emails From Unknown SendersShowing total
EDELMAN INTELLIGENCE
Millennials are the most likely to open email from an unknown sender
D ETA I L ED FI N D I N GS
Q17: What would make you more likely to open an email from an unknown sender? Please select all that apply
39% 37%
21%
13% 15%12%
8%
26%30%
24%
12%8%
11% 9%4%
43%
29%
14% 12%8%
4%8%
2%
53%
If the senderappeared to beaffiliated with aservice I already use
If the sender seemedimportant
If the subject wasabout re-setting anaccount password
If the subject line oremail previewdiscussed financialmatters
If it was sent to mywork email*
If it was sent to mypersonal email
If there was anattachment included
None of the above
Scenarios That Would Increase Likelihood of Opening Emails From Unknown SendersShowing total by generations
Millennials Gen X Baby Boomers
EDELMAN INTELLIGENCE
Nearly half of those who would open an email from an unknown sender would also click on a link in the emailThis rises to more than half of Millennials
D ETA I L ED FI N D I N GS
Q18: Do you typically click on links in emails you receive from unknown senders?
7%
13%
27%
13%
39%
Yes, I always click on the links in emails I receive
Yes, but only if the linked site or content interests me
Yes, but only if the email appears legitimate despite the
fact that I do not personally know the sender
Only by mistake No, I never click on links in emails from unknown senders
Behavior Around Clicking Links in Emails From Unknown SendersShowing those who open emails from unknown senders
47% say YES
Among those who open emails from unknown senders, Millennials are most likely to click links
present (54% Mill, 49% GX, 37% BB)
EDELMAN INTELLIGENCE
4 in 10 would open an attachment Again, half amongst Millennials
D ETA I L ED FI N D I N GS
Q19: Do you typically open attachments you receive in emails from unknown senders?
6%10%
24%
10%
50%
Yes, I always open the attachments in emails I receive
Yes, but only if the email subject line, the file name or the attachment description
interests me
Yes, but only if the email appears legitimate despite the
fact that I do not personally know the sender
Only by mistake No, I never open attachments in emails from unknown
senders
Behavior Around Opening Attachments in Emails From Unknown SendersShowing those who open emails from unknown senders
40% say YES
Among those who open emails from unknown senders, Millennials are nearly twice as likely as
Baby Boomers to open attachments present (50% Mill, 42% GX, 26% BB)
Thank You
top related