A new survey from Yubico, a modern cybersecurity company on a mission to make the internet safer for everyone, reveals a tale of two cities – or, more accurately, ten. While New Yorkers rush to catch a train and Californians are stuck in traffic, nearly half of Americans (48%) are still stuck using the same password for multiple online accounts. Even worse? When asked what they think is the most secure method, only 3% believed in using a hardware security key which is considered to be the most effective tool available to stop phishing.

Conducted by Talker Research, the survey of online habits across the top 10 U.S. metro markets reveals a nation that thinks it’s security-savvy but is still making rookie mistakes. From password reuse to overconfidence in spotting AI-enhanced phishing scams, here’s a look at which cities are winning the security game – and which ones need to step it up.

Cyber Technology Insights : Keepit Forms Strategic Partnership with Ingram Micro to Expand SaaS Data Protection in Canada

“Yubico’s survey reveals a wake-up call: many people have a false sense of security when it comes to their online accounts being protected,” said Ronnie Manning, Yubico’s chief brand advocate. “They are overconfident in their safety, yet they still hold on to risky habits that can be tempting for today’s modern hackers. The YubiKey isn’t just a product; it’s a statement that proves your security is non-negotiable. It gives you the power to secure your entire digital life with one simple, human touch.”

The City Showdown: Who Needs a Digital Pep Talk?

  • New York vs. Los Angeles: Over 48% of all respondents admitting to reusing passwords, we can only imagine the number of New Yorkers who are using the same password for their finance app as they are for their favorite bodega rewards program. And in LA, where the traffic is a constant grind, maybe it’s not a surprise that password updates are a rarity, with 19% only changing them when they are prompted or have experienced a security incident.
  • Seattle vs. Denver vs. San Francisco Bay Area: Tech-giant cities Seattle and San Francisco agree: MFA is used by 70% of Seattleites and 67% of San Franciscans. In fact, San Franciscans take it a step further with 64% setting up passkeys whenever available. Meanwhile, their competitor for top U.S. tech hub, Denver, lags behind – being one of the most likely to use the same password for multiple accounts (50%) and to admit to not using any specific security methods beyond basic passwords (11%).
  • Chicago vs. Atlanta: While a significant portion of consumers believe that strong, unique passwords are the most secure method (22%), they’re missing the bigger picture. Atlanta, meanwhile, is on the rise, with 62% of consumers actively turning on MFA when available. Looks like southern hospitality includes protecting your friends from getting hacked.

Cyber Technology Insights : Anomali Names Chris Vincent as Chief Sales Officer

  • Dallas-Fort Worth vs. Houston: Does anyone in the Lone Star State still use their pet’s name for a password? A surprising 13% of all respondents admitted to doing so. Let’s make security as big as everything else in Texas!
  • Washington, D.C. vs. New York City: The survey shows that 42% of people in Washington, D.C., are worried about their financial institutions being hacked. The cities are neck and neck when it comes to adopting passkeys, with 61% of New Yorkers and 62% of D.C. area residents setting up the technology to protect their online accounts.

The survey also found that despite a majority (62%) feeling confident they can spot a phishing attack, 39% reported experiencing a cybersecurity incident in the last year.

With over 64% of people turning on MFA, the momentum is there, but most are still using less secure methods like text message codes. The fact remains that the only 2FA method to defend against phishing attacks 100% of the time is a hardware security key.

Cyber Technology Insights : Microsoft Expands Azure Security with Marvell LiquidSecurity HSMs

Source: prnewswire

To participate in our interviews, please write to our CyberTech Media Room at sudipto@intentamplify.com