Most of us still trust passwords, despite AI security risks

News
By
published

Passwords are proven to be weak, yet the majority are still clinging on

Shadowed hands on a digital background reaching for a login prompt.
Image Credit: Shutterstock (Image credit: Shutterstock)

The majority of users still protect their prized virtual possessions with nothing more than passwords, despite the method being deemed susceptible to all sorts of attacks, a new report from Yubico has claimed.

The hardware authentication key provider surveyed 20,000 people around the world to gauge their perception on cybersecurity, and found the majority (58%) still use usernames and passwords to log into personal accounts (as opposed to biometrics, for example). Furthermore, 54% use the same method to log into work accounts.

At the same time, many (39%) are under the impression that the username and password is the most secure means of authentication. A similar percentage (37%) think the same of SMS-based authentication, despite both being proven to be susceptible to phishing.

Compromised accounts

Interestingly enough, the vast majority of respondents - 72% - is also aware that online scams and phishing attacks have become more sophisticated. For two-thirds (66%), they’ve also gotten more successful. They all agree that the rapid advancement of Artificial Intelligence (AI) played a key role in this.

As a result, people lose access to their accounts all the time. The most commonly compromised passwords are also the ones protecting the most valuable of possessions - personal and financial information. That being said, social media accounts are most often breached (44%), followed by payment app accounts (24%), online retailer accounts (21%), messaging apps (17%), and banking apps (13%).

To add insult to injury, 40% of respondents never received any form of cybersecurity training from the organization they work for. Furthermore, just a quarter (27%) believe the security options their businesses placed are sufficient.

“This includes adopting stronger authentication methods to become phishing-resistant, fostering a culture of security awareness through consistent employee training, and more,” said Derek Hanson, VP of standards and alliances at Yubico.

“Ultimately, building a unified front against cyber threats requires a concerted effort to bridge the gap between perceived and actual security. By integrating advanced security measures into all aspects of our digital lives, we can better protect ourselves, our data, and our organizations.”

More from TechRadar Pro

Sead Fadilpašić

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.