The most common online security myths debunked


  • More than three quarters (78%) of Brits mistakenly believe their passwords are completely safe if kept with a large company
  • Almost three in four (74%) don’t know that making a password longer improves its strength
  • Those on a lower income are less informed about how safe their passwords are with companies
  • Public WiFi, VPNs and online passwords are among the most confusing internet-related topics for Brits when it comes to online security

Online passwords are the most misunderstood aspect of online security, with more than three-quarters (78%) mistakenly believing their passwords are completely safe if kept with a large company.

And with more of our data stored online, debunking myths around protecting it has never been more important.

After testing over 2,000 UK residents on widespread internet security myths from online banking to public WiFi, determined the dangerous misconceptions that the majority of Brits still consider fact, the misunderstanding of which could result in having money stolen, data leaked or harmful malware installed on your device.

The 10 most common online security myths

Rank Myth Brits believing myth (%)
1 “Your password is absolutely safe if it is kept with a large company.” 78%
2 “A password is not always better if it is longer.” 74%
3 “A VPN does not prevent my session from being hijacked on public WiFi” 71%
4 “A VPN does not disguise data from potential hackers.” 67%
5 “Using a VPN on public WiFi does not make it safer.” 66%
6 “Hackers can’t download malware, viruses and worms onto your device through public WiFi” 65%
7 “Hackers can’t use public WiFi to watch your session without your knowledge” 59%
8 “Hackers can’t use public WiFi to access your private financial situation.” 58%
9 “Using numbers or special characters in a password does not make it safer.” 35%
10 “A password’s length is not relevant if it is complex.” 30%

The belief that a password is absolutely safe if kept with a large company is most commonly held by those on a low income, with almost four in five (78%) of those earning £15,001 – £25,000 analysed believing this misconception. 

While corporate security is generally strong, data breaches are not uncommon and can lead to a hacker gaining access to several of your accounts, and any personal or financial information associated with them. also found that almost two in 10 (19%) UK residents did not change their passwords after it was stolen in a data breach. This is most common among 16-24 year olds, where more than a quarter (27%) admitted to keeping the same password, even though it had been compromised, meaning the younger generation are most at risk of having their data and accounts accessed due to poor password management.

A whopping 74% of UK residents believe the misconception that a password is not always stronger if it’s longer. While special characters and numbers do build a password’s strength, a longer password is always more difficult to crack. However, just over a third (35%) of Brits didn’t know that numbers and special characters also help to build a password’s strength.

Nearly four in five (78%) of Brits older than 55 don’t know that it’s better to make a password longer, and more than a third (35%) incorrectly believe a password’s complexity should take priority over length. This suggests that older generations are most likely to have their accounts broken into by hackers using password-cracking software, which are more capable at guessing shorter passwords.

VPNs are among the confusing aspects of internet security

Seven in 10 (71%) of Brits are unaware that a virtual private network (VPN) can prevent an online session being hijacked on public WiFi. When a session is hijacked, hackers are able to observe any browsing on your device, as well as passwords, financial details and private information. Three-quarters (75%) of over 55s are unaware of this advantage of using VPNs, meaning older generations may be less informed of the methods that help build their online security.

Misconceptions around VPNs are especially common, with myths surrounding them taking the fourth and fifth position. Two-thirds of UK residents are unaware that they can be utilised to disguise personal data from hackers (67%), and that they make browsing on public WiFi generally safer (66%).

The most confusing internet topics

Rank Topic Average Brits believing myth (%)
1 Online passwords 46%
2 VPN 44%
3 Public WiFi 43%
4 Mobile phones 38%
5 Online gaming 36%
6 5G 32%
7 Full fibre 24%
8 Online banking 13%

Online passwords are the most misunderstood topic surveyed, with almost half (46%) of Brits believing each myth around their passwords on average. With passwords functioning as the first line of security for any online account, it’s clear that misinformation is preventing many UK residents from properly managing and building a safe, secure presence on the internet.

Online banking is the topic Brits are most secure in. Only 13% believed each myth on average, with the misconception that banking online is less secure than banking in-person being most commonly believed, by one in four (26%) UK residents.

Nick Baker, broadband expert at, comments on how to improve your online security.

As internet security gets stronger, scammers and hackers have, in turn, gotten better at evading it. But there are precautions that anyone can take to improve their safety online.

“Invest in a Virtual Private Network (VPN). A VPN uses remote servers to create a private network only you can access. This means that anybody monitoring your session won’t be able to access any private data, and your online presence can’t be traced back to you. See our online guide for VPNs for all the pros of using a VPN for your internet safety, like how they provide access to regionally locked content that users cannot get otherwise, such as shows on streaming services or online games

“Use virus protection: Most laptops and computers have free antivirus software built in, and add some security when browsing online. However, paying for antivirus software will offer tighter defences against malware, and in some cases offers additional tools like password managers.

“Create longer passwords: Hackers have improved tools to guess passwords, so the more characters there are in a password, the longer it will take to crack. It’s equally important to create different passwords for your accounts, to make sure that one exposed password doesn’t make all your logins vulnerable.”

For more information go to 


Chris Price
For latest tech stories go to