The COVID-19 pandemic has become a catalyst for a “boom” in the growth of online account ownership — but has potentially also undermined consumer security.

COVID-19 has caused severe economic and societal disruption, not to mention the impact on both our physical and mental health.

Lockdowns, shielding, and stay-at-home orders imposed worldwide forced many of us to turn to online sources for everything from our groceries to banking and entertainment, and this led to what IBM calls a “digital reliance” and the need to create more online accounts than ever before.

In a new global study of 22,000 participants, conducted by Morning Consult for IBM, the technology vendor examined the impact of the pandemic on consumer security behaviors.

The results are in, and they are not good.

With so much else going on, little thought seems to have been given for personal security. As we signed up for account after account — with 15 new online accounts created during the main thrust of the pandemic, on average, per person — 82% of those surveyed admitted sometimes reusing the same passwords and credentials.

  • Always re-use same credentials 21% 21%
  • Mostly re-use same credentials 24% 24%
  • About an even mix of re-used credentials and new credentials 20% 20%
  • Mostly use new credentials 18% 18%
  • Always use new credentials 12% 12%
  • Don’t know/Not applicable 6% 6%
In total, 44% of respondents simply remembered their passwords, whilst 32% jotted their credentials down on pen and paper. 18% of those surveyed said they make use of a password manager, and a further 18% store passwords in the cloud — such as through Notes or Google Docs.

Billions of new accounts, therefore, are now active across the Internet worldwide — and 44% of respondents said they do not plan to deactivate these new accounts, a trend IBM says will give consumers “an increased digital footprint for years to come, greatly expanding the attack surface for cybercriminals.”

In addition, the report found that convenience often outweighs security concerns, perhaps due to how often we hear of data breaches and the knowledge that so much of our Personally identifiable information (PII) is already widely available.

Over 51% of the millennial age group, for example, would rather risk using an insecure app or website rather than visit a physical store or make a phone call when ordering products and services.

If I had concerns about the website/app’s safety or privacy, I would rather pay for an order digitally, than go to a physical location, or call to place an order.
  • GenZers: 1997-2012 45% 45%
  • Millennials: 1981-1996 51% 51%
  • GenXers: 1965-1980 42% 42%
  • Baby Boomers: 1946-1964 33% 33%
If I had concerns about the website/app’s safety or privacy, I would go to a physical location, or call to place an order.
  • GenZers: 1997-2012 55% 55%
  • Millennials: 1981-1996 49% 49%
  • GenXers: 1965-1980 58% 58%
  • Baby Boomers: 1946-1964 67% 67%
Many online services now require strong passwords and a relatively high level of complexity when users sign up. However, passwords themselves are now not enough for popular platforms and the moment they are leaked, they can be used in tailored phishing campaigns and social engineering attempts — as well as for direct account hijacking.

It is recommended that you consider using a password manager that can generate strong passwords on your behalf, monitor for data leaks that have exposed them online, and for further security, enable two-factor authentication (2FA) or consider a physical key, such as Yubikey, for an additional layer of protection.


Charlie Osborne, 2021, Pandemic prompts digital ‘boom’ in account creation – as well as password fatigue, June 15, 2021, <https://www.zdnet.com/article/pandemic-prompts-digital-boom-in-account-creation-as-well-as-password-fatigue/>