Debunking Internet Safety Myths

laptop and phone

Not only is June the beginning of the warm summer months and the un-official start to wedding season, but it’s also Internet Safety Month! If you want to enjoy the season and take a vacation from hackers, it’s time to be honest about your behaviors on the web. This is the perfect time to evaluate your practices when it comes to online security and see where you can make improvements. 

Let’s face it – many people are blurring the lines between fantasy and reality regarding their own cyber hygiene. And in our latest “Psychology of Passwords: Neglect is Helping Hackers Win” report, we uncovered several truths about internet safety practices that debunk some of the myths we have come to believe.  

Check out these 5 internet safety facts that debunk some security tales.  

Myth: Most people follow best security practices for their online accounts 

Fact: The reality is that the majority, 91%, recognize that using the same or similar passwords for multiple logins is a security risk, yet 58% do it anyway. These people mostly or always use the same password or variation of the same password. Does this sound like something you do? If so, cut that bad habit now! LastPass can help. 

Myth: It’s 2018, people have gotten better about how they save their passwords 

Fact: If only this were true for everyone. People still love a good, old fashioned spreadsheet. Our research found that 2 in 5 people (42%) keep passwords in a file on a mobile device, Word doc or Excel spreadsheet. While it’s important to keep track of your passwords and keep them in one, centralized place – a spreadsheet doesn’t have any built-in security or backup. This is one of the reasons why you need a password manager! 

Myth: People fear that they’ll be a hacker’s next target 

Fact: With all the breaches in the news these days, you’d think people would fear being a victim of a data breach. However, many individuals feel invincible when it comes to password security. In fact, 44% think their account isn’t valuable enough to make them worth a hacker’s time. But we know that’s not necessarily how it works –if a hacker got access to one of your re-used passwords through a 3rd party breach, anywhere you reused that same password would now be at risk when that hacker targets the next big company you may have an account with. 

Myth: After a major breach in the news, users would change their passwords as a precaution 

Fact: Today’s consumers are somewhat un-fazed by the news of a breach.  More than half of respondents (53%) have not changed a password in the last 12 months after a breach in the news. Just 55% would actually change their password if their account was hacked. This means that security-related events don’t spur action, and knowledge of best practices doesn’t necessarily translate to putting those into use. 

Myth: Sharing passwords from home to office does not create an increased security risk 

Fact: The average employee (using LastPass) is keeping track of 191 passwords. That’s way more than you could ever remember in your head! What’s frightening is that 47% of survey respondents admit there is no difference in passwords created for work and personal accounts. Which means that one re-used password has the power to compromise an entire organization’s network. A company’s network security is only as strong as their weakest link – the employees. Poor security habits can leave that door wide open for hackers. 

Myth: Of course people are cautious about what they share on social media! 

Fact: We found that 51% of people believe there is no way a hacker could guess one of their passwords from information they’ve shared on social media. But we know hackers aren’t dumb – if you’re being targeted and don’t have a strong password guarding your account, it would take a hacker seconds to do a search on your social media profile, learn the name of your pet, family member – even learn when your anniversary is—and use that info to guess your password. Don’t make it that easy for them – try to be a bit discreet on social media. 

So before you start planning your next weekend getaway – take a second to think about your internet safety and how you’re going to make some simple improvements to better your overall security online! 


  • Michael S. says:

    I have been on the Net since it was just a collection of Bulletin Boards. My first Desktop was a 386 running Win 3.
    I have ALWAYS been a security freak, both about My Home and computer. Anti-Virus S/W, Anti-Malware S/W, Firewalls have always been a part of my computer Life.
    But one of the best Security Protocols is a false profile. If the information you use is a creation of yours, it can not be traced back to you.
    This, coupled with limited Social Media use, “just family and REAL friends”, the use of VERY a secure browser, and regular scans have kept me safe and protected.
    In My Opinion, the best thing you can use to stay safe is Common Sense.

  • Slinky says:

    I used to worry about these sort of things a lot and for that very reason I stopped using the likes of Facebook or Friends Reunited. In my opinion such sites are an open shop for scammers. All my online activity is now done using a pseudonym (nickname) which my friends know but would be useless to cyber-criminals.

    Thankfully as a Last Pass user for a couple of years now my online security seems much less of a hassle and I’m free to get on with life with out the constant worry about those ‘ what if ‘ moments.

  • Nina says:

    Great suggestions!

  • Anonymous says:

    Editing mistake – word is “unfazed” not un-phased- [ Myth # 3]

    Otherwise good information

  • Barry says:

    Unfazed, not un-phased.

  • Justin March says:

    Awesome article Lauren.

    Am often telling friends to sort out their security, get 2 factor authentication etc. as well as Last Pass of course ;-)

    Trouble is even with mission critical logins like WordPress etc. until they’re hacked they just don’t see the need.

    It seems to me that people feel secure with their devices, and for most normal home users, unless they encounter a clear issue all is well.