Survey shows people still need help.

Screenshot of safe.page, a Google Registry site about safe web browsing

People still need help with web security.

Google Registry, the Alphabet division responsible for new top level domain names such as .dev and .app, has launched a website at Safe.page that helps people learn about phishing and secure websites. The company released survey results today showing that people still need security help.

The survey of over 2,000 adults shows:

  • 42% didn’t realize the difference between http and https in a web address
  • 69% didn’t realize that https could be used in a phishing attack
  • 64% used the same password on multiple websites

One interesting non-security datapoint in the survey is about Gen Z. 34% of those surveyed between 16-24 who have already created a website did it for a class project. This is an interesting opportunity for domain registries and registrars.

Safe.page includes a quiz for people to review URLs in emails to check which ones are safe and which aren’t. I admit to overlooking a double-s typo in one of the quiz questions. That puts me in the 97% of people who missed at least one question on the quiz.

Google suggests people double-check domains before entering sensitive information. I hope its search team that designs the search results pages follows the same guidelines, especially on mobile pages.

Google promotes three of its domains that require SSL on the site: .page, .app and .dev.

Listen to a podcast about the security of these namespaces in DNW Podcast episode #221.

Source link