The study, carried out by Gigya, a company that sells a customer identity management platform, found only 16% of the respondents bothered to set up a unique password for each of their online accounts.
Among respondents aged 51-69, a total of 65% created five or more passwords across their online accounts. This dropped to 44% in the case of millennials, or respondents aged 18-34.
The Gigya study found that 56% of those questioned used passwords they knew were insecure. These included passwords including their names or dates of birth.
Among the so-called generation X respondents, 42% said they were guilty of opting for passwords that were easily remembered but insecure while among the millennials the figure was 33%.
Gigya pointed out that as identity fraud was costing Americans US$16 billion per year, consumers could be expected to be more careful in protecting their online bank accounts.
But again, a quarter of all respondents in the survey said they did not bother to create more complicated passwords for accounts linked to financial information.
The use of two-factor authentication, another safety mechanism for online transactions, was higher among the older respondents. The survey said baby boomers were nearly twice as likely as millennials to use this feature when using an online account.
More than a quarter of the respondents said they had had an online account compromised in the past 12 months. For millennials, this was 35% which, Gigya said, could be tied to the failure of this group to set up secure passwords. By contrast, for baby boomers the figure was below 20%.