Have you heard about Heartbleed? Yes? Then you belong to a minority. Following the Heartbleed threat, the bug that took advantage of a vulnerability in OpenSSL, AVAST conducted an online survey with 268,000 respondents worldwide and found that three out of four people were not aware of the the Heartbleed threat, which affected millions of sites and mobile apps.
AVAST then explained Heartbleed to these respondents. When asked if they would change their passwords after checking which sites were affected, nine out of ten said they would take action. This high number is interesting from a psychological standpoint as it shows how people think when initially confronted with a threat. People immediately plan on taking the appropriate measures to protect themselves against future threats, but how many actually follow through with their plans? In reality, less than half of people follow through with their security plans: Only 40% of the respondents who were aware of Heartbleed said they had actually changed their passwords. This number closely matches Pew’s Heartbleed report which found that 39% of Internet users have changed their passwords or canceled accounts.
"This kind of thing never affects me"
Many respondents, both those aware and unaware of the threat, said they don’t want to change their passwords because they don’t believe their accounts have been compromised. This makes one wonder if the 41% of respondents who were aware of the threat, but don’t believe they have been affected, either think the media has exaggerated the issue – or if they have a “this kind of thing never affects me” attitude. One in ten respondents believes that the next security breach will happen soon and they therefore don’t see the point in changing their passwords. This laissez-faire attitude could be caused by the fact that many have not seen concrete repercussions of the threat or have not yet been directly notified of the threat by the platforms they use. One of the most concerning facts revealed by the survey is that many people lack the know-how to protect themselves. One in ten respondents hasn’t changed their passwords because they don’t know how to change them.
Furthermore, almost half of both respondents, aware and unaware of the threat, said they would change their passwords once the affected platforms have implemented patches and informed them of the changes.
Passwords are like keys that protect our sensitive data online, just as locks protect the precious objects in our homes. It is recommendable to stay away from affected sites that have not yet issued patches. Once sites have implemented the necessary fixes, passwords should be changed and strengthened with the same manner of urgency as you would change the locks on your home if you were to lose your keys or if your key were to get stolen.
Use a password manager to protect all of your accounts with ironclad passwords
Changing and memorizing new passwords over and over again isn’t easy, especially since passwords should consist of at least eight characters – or according to latest recommendations even sixteen or more. They should include a mix of letters, numbers and symbols.
A password manager like our avast! EasyPass helps encrypt and protect personal information online. avast! EasyPass creates strong, random passwords of up to 512 characters and secures your information via military-grade encryption, making password management simple and secure. avast! EasyPass is currently available at a discounted price of $9.99 a year.
Thank you for using avast! Antivirus and recommending us to your friends and family. For all the latest news, fun and contest information, please follow us on Facebook, Twitter and Google+. Business owners – check out our business products.