You must securely store photos taken for research and education purposes, as well. What is considered "secure", and what is not, is always going to be debatable. In the real world, there is always a trade-off between security and practicality. Storing photos on a USB drive, which is in turn stored in a high-security vault, is secure but not practical. Storing photos unencrypted on your phone is practical but certainly not secure.
80% of "Security Incidents" that occur are the result of weak passwords. "Organisations are spending millions of dollars to beef up their data, application, and network security, but still keep overlooking the one obvious area of exposure: user passwords."
Passwords can be hard to remember which explains why 80% of people reuse the same password for lots of services. When a security breach does occur (e.g. in 2016 Yahoo revealed that 1 billion accounts were compromised), you can count on hackers trying the same passwords to access to other services.