Perceptions of the risks of password related activities

Many studies have investigated people’s risky password related activities such as writing down passwords, sharing them with other people and re-using them across accounts, but few studies have investigated people’s perceptions of the risks of these activities. This paper reports on an online survey with 129 people rating the risks of 11 different password related activities in four domains (social networking, email, eBanking and eCommerce). There were fewer differences between the perceived riskiness of activities due to domain than expected, but differences between the activities and the numbers of respondents who said they would engage in the different activities. There were interesting patterns of differences in the ratings of the riskiness, severity of the consequences, usefulness and likelihood of encountering the different activities, which may help explain why people undertake risky password activities.