Despite password specifics claiming two of their top-five spots, using password managers ranked low among users. Just 3 percent of users mentioned using the tools, compared to 12 percent of experts. Adopting password managers rounded out the top five security practices for experts.
Furthermore, just 32 percent of users ranked password managers as very effective or effective, while only 40 percent said they would follow advice to use them. Users commented that password managers were too “complicated for non-technical users.”
“Users’ reluctance to adopt password managers may also be due to an ingrained mental model that passwords should not be stored or written down -- advice users have been given for decades,” the report said. “Password managers can make it feasible to use truly random and unique passwords to help move users away from memorable passwords, which are vulnerable to smart-dictionary attacks.”