Social media accounts, bank statements, and even home items are now tied to smartphones. But are they secure? On World Password Day, studies revealed an unsettling truth.

According to a study conducted by MSI International for McAfee, more than 54% of consumers own anywhere from one to four devices that aren’t protected with a proper password or some form of biometric authentication such as a fingerprint. The study was comprised of an online survey of 3,000 adults across Australia, France, Germany, the United Kingdom, and the United States.

The survey was sent out last week in preparation for World Password Day, which was May 4.

While a number of people without proper password protection is shocking, researchers made an even more interesting discovery alongside these findings: there are differences based on where people live. According to the survey, almost 61% of people in urban areas had devices without password protection as compared to a much lower 44% in rural areas.

Almost 94% of people cite web design as the reason they mistrust a website, but what about password security? According to a Gigya study released at the end of April, 70% of consumers use fewer than seven passwords across all of their online accounts. Considering the average American has over 150 online accounts, that’s a pretty concerning figure.

But even more concerning are the results of a Thycotic survey released in April, which revealed that an estimated 53% of security professionals haven’t changed their passwords in over a year and 20% have never bothered to change them at all. The annual survey was conducted at the February 2017 RSA Conference in San Francisco and revealed some major workplace risks among these employees.

Saving a password on a smartphone may seem easy. Internet consumption via smartphone grew 78% between 2013 and 2015, and it has only continued to grow since then. In fact, 62% of companies that designed mobile sites saw increased sales. But mobile compatibility means nothing without the proper security measures.

If anything, these studies have all revealed people aren’t taking passwords and security as seriously as they should be. To make matters more unclear, social networking sites often don’t remind users of the potential security risks associated with weak or similar passwords. In an age where a single login can be used to access multiple social media sites, online security is being put at risk.