Firewalls also ranked high among users, which 17 percent mentioned in their top-three security actions, often in conjunction with antivirus software. Just 3 percent of experts prioritized firewalls as high. Experts cautioned against antivirus software and firewalls, calling them "simple, but less effective than installing updates,"and "less sophisticated."
Users value strong passwords, but rarely use password managers
Though both groups listed using strong passwords in their top security priorities (experts: 18 percent; users: 30 percent), they differed on other password specifics. Experts, for example, prioritized unique passwords over users (25 percent vs. 15 percent), while users spoke more often of changing passwords frequently than experts did (21 percent vs. 2 percent).
Despite their attention to password specifics, users placed very little value in password managers, the report found. Meanwhile, four-times more experts said it is one of the most important things they do to stay safe online.
"While more experts said they use a password manager to keep track of their passwords, more non-experts said they write down passwords, remember or reuse them," the report said. "The low adoption rate of password managers among non-experts might stem from a lack of understanding of its security benefits."
The disconnect between the groups' views of password managers was reinforced when users were asked to rate the tools' effectiveness: Just 32 percent rated them as very effective or effective, while only 40 percent said they would follow advice to use them. Average users called password managers "complicated for non-technical users."
While password managers ranked low among average users, they rated the use of two-factor authentication considerably higher, both in terms of effectiveness (83 percent) and likelihood of following advice (74 percent). Experts, however, expressed concerns that two-factor authentication is still too difficult for many users and is not widely enough available.
Users only visit known websites
Average users care about a website's familiarity and reputation more than experts do, though they don't always heed their own advice, the report found. Users ranked visiting only known websites fourth to using antivirus software, strong passwords and changing passwords frequently, at 21 percent compared to just 4 percent of experts, according to the report.
Experts polled by Google pointed out problems with this advice: "Visiting only known websites is great, but paralyzing," one respondent commented, while another said, "Visiting websites you've heard of makes no difference in a modern web full of ads and cross-site requests."
While this tactic ranked high on average users' lists, not all of them adhere to it: Just 7 percent said they do not visit unknown websites, while 19 percent said they rarely do. "This finding might suggest that Visit only known websites' is not always practical," the report said.
Sign up for CIO Asia eNewsletters.