Swedes on digital security
In spring 2020, we commissioned PFM Research to interview 1,000 Swedish people and hear what they had to say about digital security and password management – both at work and at home. One of the findings from the survey was that there are weaknesses with the written password, linked to the human factor. Four out of ten respondents revealed that they use the same password(s) at work and at home. Naturally, this is something cybercriminals are also aware of, which is why they actively attempt to steal private passwords in the hope of being able to use them again later at their targets’ employers.
We live in a digitalised world: a world that is almost like a separate country or continent, governed by its own rules, regulations, security measures and – of course – codes. It is a complicated world in many respects, but also a natural part of our everyday working life and free time. So we decided to examine the level of security in this digital world. How do we identify ourselves? How securely do we behave? Are we becoming more anxious as this world continues to develop?
Some results are more eye-catching than others
Written passwords remain the dominant login method, both at the workplace and at home. For work-related logins, almost all workplaces – fully nine out of ten – use this approach. This means that workplaces accord remarkably low priority to their IT security, given that written passwords are the form of identification that non-authorised parties find it easiest to discover or figure out. What is more, a high proportion of respondents (four out of ten) use the same password at work and at home, and almost half save their passwords automatically at their workplace. In other words, a great many people handle what is already an insecure method of identification badly.
E-identification is viewed positively, however, and constitutes one of the most common login methods in private settings. Some people also use this approach at work, and four out of ten are considering doing so. The problem with using e-identification at work is that it entails vouching for a given piece of information in the capacity of yourself as a private individual. Put another way, you should use separate methods to identify yourself at the workplace and at home. It is important that, as an employee, you are conscious of the difference between private e-identification and a work-related counterpart.
Digital trespass and breaches of security are becoming increasingly problematic. The survey reveals that there is widespread concern about this issue at workplaces, even though almost all companies have introduced guidelines for digital security. In the context of private life, the fear of digital trespass is even greater, with four out of five respondents stating that they are worried about being affected. Fears are greatest with regard to bank information, but there is also general unease about being monitored. It is notable that young people are more concerned about being watched than older people.
In conclusion, it is extremely interesting that one of the oldest methods of digital identification – the password – is still going strong. While all other digital development has accelerated, this aspect has remained the same – even though it fails to provide the level of security we need today. This report makes it clear that unease and uncertainty are widespread in the digital world today. In other words, highlighting this unease – and our own insecure behaviour – is a significant step in the direction of creating a safer working environment, and of safeguarding our privacy.
Read the full report
If you would like to read the full findings from the survey, click here to download the entire report (in Swedish) entitled Svenskarna om digital säkerhet och användningen av lösenord (Swedes on digital security and the use of passwords).