The average user in the corporate world is lucky to get 15 to 30 minutes of crummy user training once a year. Security experts say user education hasn’t worked in the past and will be very unlikely to work in the future. Security expert: Security isn’t binary — or never will be until perfect defenses arrive. Training people not to use the same credentials across professional and personal sites or apps can be accomplished solely through education. Some defenders respond that two-factor authentication (2FA) will solve this problem.”]
Source: https://www.csoonline.com/article/2950473/user-security-training-waste-of-time-wise-investment.html