Forty-five percent of all American adults failed a quiz about online and wireless safety, according to an AARP study released this week.

The report, which focused on users’ cyber security habits as well as knowledge, found that while most Americans have a general idea of good cyber security practices, a significant portion of respondents  to each question were either not aware of or not implementing the guidelines.

Of particular note are the findings regarding public Wi-Fi use. Public Wi-Fi poses greater cyber security risks due to its lack of firewalls, anti-virus and anti-spyware software. The report found that one quarter of Americans use public Wi-Fi at least one a week, while more than a third (37 percent) use it monthly. Of those who say they use public Wi-Fi weekly, 27 percent have banked while on the public network. Similarly, 27 percent of weekly public Wi-Fi users have purchased a product or service using a credit card on the open system. Both practices are considered unsafe according to specialists.

The study also found that 26 percent of smartphone users did not have a passcode on their phones, leaving their devices open to attacks. Additionally, 27 percent of all respondents reported that they have not changed their online banking passwords in more than 90 days, the recommended duration according to online experts.

Respondents were also unaware of many other helpful cyber security tips, as nearly 40 percent of respondents were not aware that it is not okay to use the same password on multiple sites regardless of password complexity, that mobile wireless connectivity should be disabled in public places even if not in use, and that it is not safe to access sites with sensitive information on a public network, even if the site is protected by https. If you must access the Internet in public, experts recommend using a mobile device’s cell network, which is more secure. Even in that scenario, users should never set their phones to automatically connect to the public Wi-Fi and should always double check they have the correct network, as similar looking fake networks may be in place.

The report was compiled based on results of a phone survey of 800 American adults between April 2 and April 11, 2015. The total collected sample yields a maximum statistical error of ± 3.5 percent at the 95 percent confidence level. Click here for more information regarding the report, or here for a press release about the findings.