Americans overestimate their understanding of internet security

Image credit: Shutterstock

The number of consumers creating a website to have their own online presence is on the rise but a new survey from Google has revealed that many people drastically overestimate their understanding of internet security and online safety.

After introducing the “.app” top-level domain last year as a more secure alternative to “.com”, Google Registry partnered with the Harris Poll to conduct an online survey of 1,002 adults ages 16-24 and 1,001 adults over 25 living in the US about creating websites and online security.

The survey shows that website growth is on the rise with 20 percent of respondents having created a website and 48 percent planning to create one in the future. Over half (65%) said that they would consider using domains other than “.com”.

When it came to online security, 55 percent of respondents gave themselves a score of A or B when the survey results paint a much different picture. Almost all (97%) got at least one question wrong on a basic six question security test and only 23 percent were able to correctly identify a link with https as being the most secure.

HTTPS vs HTTP

Google has been trying to push the idea of HTTPS everywhere for some time now as part of its goal to make the internet a more secure place and in its survey it tried to gauge consumers' understanding of the concept.

Of those surveyed, 42 percent didn't realize there is a difference between using http and https in a web address. Even more surprising was the fact that Americans aged 16+ would not check for an “S” on a website where they are entering personal information even after being told that “S” means secure connection.

Web owners though are making more progress moving to HTTPS and 89 out of the top 100 websites on the web now default to HTTPS.

Google is doing its part as well by offering free SSL certificates from Let's Encrypt to help users protect their sites and Google Registry's domain extensions including .app, .page and .dev require that all registered domains use HTTPS connections.

TOPICS
Anthony Spadafora

After working with the TechRadar Pro team for the last several years, Anthony is now the security and networking editor at Tom’s Guide where he covers everything from data breaches and ransomware gangs to the best way to cover your whole home or business with Wi-Fi. When not writing, you can find him tinkering with PCs and game consoles, managing cables and upgrading his smart home.