Your clients are getting the message that they need secure passwords and that public Wi-Fi isn't ideal for checking their bank accounts, but they aren't so clear about other cybersecurity principles, according to a study released Wednesday by Pew Research Center.
The survey, conducted in June among over 1,000 American adults, found that "a substantial majority" of internet users could only answer two out of 13 cybersecurity questions correctly.
They know that passwords with a mix of capital and lowercase letters, numbers and special characters are more secure (the survey didn't ask if they themselves are using a password like that, but three-quarters of respondents correctly picked the most secure password from a list).
They also know that just because they have to ask the barista for the Wi-Fi password doesn't mean the network is safe.
More technical questions were worryingly, if understandably, confusing to respondents. For example, less than half knew email and Wi-Fi networks aren't encrypted by default and just a third knew that the S in "https" means the information they enter on a website is encrypted. A virtual private network was almost completely foreign to respondents; just 13% knew the benefit of a VPN.
However, some cybersecurity issues that consumers should be familiar with were apparently confusing. Just 54% were able to identify a phishing attack out of several examples. Almost a quarter admitted they weren't sure which example they were given was a phishing attack.