Password Security in 2025: Americans Aren’t as Tech-Savvy as They Think

by Trevor Wheelwright
Edited by Jessica Brooksby

Mar 26, 2025 | Share
Data and Research, Trends

Most Americans (91%) consider themselves tech-savvy, spending an average of six hours a day online across at least five devices. Still, many fall short when tested on basic password security and online safety. It turns out that we know more about Taylor Swift’s dating history and Friends trivia than how to keep our personal data locked down.

Far too many of us still rely on weak passwords, reuse login credentials across multiple accounts, or trust public Wi-Fi at the coffee shop for sensitive activities.

Our recent survey revealed some surprising—if not alarming—gaps in online security knowledge, especially compared to our pop culture know-how. Let’s explore the difference between what we think we know about online safety and what’s actually happening, with a few fun pop culture facts thrown in for perspective. Hopefully, this will inspire us to rethink our priorities regarding securing our digital lives.

Expectation vs. reality: Most Americans fail basic online safety

Think your online security skills are solid? Our survey says otherwise—many of us still make risky mistakes online. Protecting your accounts with strong passwords should be a no-brainer, but what we think we know about password security doesn’t always match up with what we actually do.

hsi-password-security-knowledge-do's-and-dont's

Password safety

Sure, you know the basics of password protection, but will you put them into practice? Let’s take a look at how Americans handle password safety.

Expectation: Passwords must be unique, unidentifiable, and unguessable.

Reality: One in three people still use an important date or anniversary in their password—making it easy for hackers to guess based on this easily identifiable, and sometimes public, information.

Expectation: We always use new, unique passwords for different accounts.

Reality: Most people (80%) don’t use unique passwords, and 14% reuse the same password for nearly all their accounts, making it easier for cybercriminals to access multiple platforms.

hsi-password-security-knowledge-1-in-3-americans

Expectation: We remember a few crucial passwords and let password managers help keep our account secure.

Reality: Over 75% of people aren’t managing their passwords safely, and only a third are following best practices like using a password manager.

Expectation: We should change our passwords whenever we get a data breach alert and as a yearly routine.

Reality: Only one in four people follow standard password management procedures, even though over 2,400 cybersecurity breach complaints are filed daily (or 758,000 annually).

hsi-password-security-knowledge-2400-breaches-daily

Should you change your password regularly?

The National Institute of Standards and Technology (NIST) now discourages frequent password changes, which could encourage unsafe behavior like reusing old passwords with slight variations.

Instead, it emphasizes using password managers to build strong, unique passwords for each account, changing passwords once a year, and enabling multi-factor authentication (MFA) to enhance security.

Browsing safety

In addition to managing secure passwords, you must be sure you’re browsing the internet safely. You may know how to protect your home Wi-Fi network, but are you being more cautious on public Wi-Fi?

Expectation: Users know to avoid accessing sensitive sites or using important credentials on public Wi-Fi, even when using HTTPS.

Reality: 20% of Americans still believe public Wi-Fi is safe for banking or shopping if the site uses HTTPS. However, it’s only a layer of protection and should still be used with caution.

hsi-password-security-knowledge-1-in-5-americans

Expectation: Most people know how to use a VPN to browse more securely.

Reality: 77% of people say they know what a VPN is, but 40% couldn’t tell us what it stands for (virtual private network).

Americans may prioritize pop culture over online protections—but we can change

When it comes to pop culture, we’ve all got the knowledge of a seasoned trivia champ. After all, 68% of us can remember the name of the coffee shop in Friends (Central Perk, of course), and a whopping 96% could easily recognize the iconic Target bullseye logo (who could miss it?).

So, if the majority, if not virtually all of us, can recognize these cultural facts, why can only 23% of people identify the safest password combination in a list of given options?

hsi-password-security-knowledge-pop-culture-vs-cybersecurity-photos

And, we don’t mean to pick on the Swifties, but it is a bit funny that we live in a world where one out of eight people know who Taylor Swift’s boyfriend is (T-Kelce, duh) but not what 2FA is (two-factor authentication).

With a bit of re-prioritizing, we can all make online safety as easy and essential as our favorite pop culture facts.

How To Get Low-Income Internet Through Xfinity

Best Fiber Internet Provider of 2025: Google Fiber

Author -

Trevor's written professionally for five years for editorial publications and retail/e-commerce sites. He lives in Salt Lake City and enjoys photography and making music in his spare time, or you can catch him on your local dance floor bustin' a move.

Editor - Jessica Brooksby

Jessica loves bringing her passion for the written word and her love of tech into one space at HighSpeedInternet.com. She works with the team’s writers to revise strong, user-focused content so every reader can find the tech that works for them. Jessica has a bachelor’s degree in English from Utah Valley University and seven years of creative and editorial experience. Outside of work, she spends her time gaming, reading, painting, and buying an excessive amount of Legend of Zelda merchandise.