Everyone must use a password, which helps secure account data and information. However, many people do not take password responsibilities seriously, resulting in data breaches for 30% of internet users.
Meanwhile, 37% of internet users request a password change once a month on at least one website due to forgetfulness. That figure shows even with the present threat of possible information breaches, many users still have bad habits in handling their passwords.
This article will give you valuable insights into different password habits affecting your account’s security.
Editor’s Choice
- 80% of hacking breaches are related to password issues.
- Over half of all workers recycle passwords between their professional and personal accounts.
- The same password is used for all of a person’s accounts by 13% of Americans.
- The most common password is 123456, used by at least 23 million accounts.
- 59% of Americans use their name or birthday in their password.
- 17% of Americans have guessed someone’s password correctly.
- 69% of employees share passwords with colleagues.
- Poor passwords cause 81% of company data breaches.
- 65% of people reuse passwords.
- The strongest password type has 12 characters, one uppercase letter, a number, and a symbol
An Overview of Password Habit Statistics
Passwords are created to secure people’s data and information, and people have different ways of doing so. Some take it seriously, while others consider “overdoing” passwords a waste of time and energy.
As proof, 83% of internet users have weak passwords, like 123456, their name, or their birthdate.
📓Research Summary To further show, here’s a quick recap of data gathered by the Harris Poll regarding people’s password preferences: 33% use a pet’s name 22% use their name 15% use a spouse or partner’s name 14% use their children’s names |
It does not end here. There are more password habits statistics in this article everyone must know.
Password Habit Statistics
People with multiple accounts on various devices choose simple passwords they can easily remember. Then, some people with multiple accounts use a single password to protect their data and information.
For instance, 23 million accounts used the most common password, 123456. Based on that fact, 123456 isn’t the best idea for a password.
Learn more interesting password habit statistics you should know about below:
1. 52% use the same password for multiple (but not all) accounts.
(Harris Poll)
50% of internet users share passwords. Even for some accounts, using a single password is risky. For example, someone who knows your online account password on one account may also get your other passwords. With that, create unique passwords for each account to secure them.
Here’s a helpful and short YouTube video that shows why using the same password for multiple accounts is a bad idea: |
(00:06 – 02:16) |
2. Only 35% of people don’t use the same password twice.
(Google)
Not even half of Americans use a different password for all accounts. This only means more than half of the population rely on the same password for multiple accounts and are victims of hackers and cyberattacks like phishing.
Meanwhile, having different passwords means fewer unauthorized groups can access your accounts.
3. One-fifth of internet users always use the same password.
(LastPass)
Though the percentage is low, many people still use the same password for all their accounts when translated into figures. This fact is far riskier than those who are part of the 52% since knowing a single password provides access to your information and data.
4. The Harris Poll shows 43% of internet users have shared their password with someone else.
(Google)
Almost half of Google respondents reported having divulged a password at some point. 57% of internet users shared theirs with a significant other, which means users are more likely to give their password to someone they trust.
Then, only 11% change their password after a breakup. That’s because 10% of survey participants have the password of an ex-partner, former roommate, or colleague in California.
My brothers ex had been stealing our Netflix for the past two months now by disguising her account as “settings” and honestly I ain’t even mad. I’m just really disappointed in myself for actually believing that an account named “settings” would legitimately be Netflix settings pic.twitter.com/fSn3BSCcZh
— bruhmar (@bruhmaar) May 27, 2020
5. Some users have shared their passwords with someone else to share accounts.
(Harris Poll)
A survey conducted by the Harris Poll reflected that many users had shared their passwords with other people.
For instance, 22% of respondents shared their TV or movie streaming service passwords. That’s why 41% of Netflix users stream on the app without paying.
In comparison, 20% admitted they had shared their email account password, and 17% had shared their social media account password. Ultimately, this means several internet users do not keep their passwords to themselves.
6. 17% have shared the passwords of their online shopping accounts
(Harris Poll, Statista)
Online shopping is a trend nowadays. For instance, Amazon has 300 million active users, making it one of the biggest e-commerce websites in the world. However, statistics show people share their online shopping accounts with others.
The problem is that they may place orders just before you know it. According to a study, 75% of consumers who were victims of online purchase scams worldwide lost money in 2021.
Reused Password Statistics
Creating multiple passwords for different accounts takes work. The owner must have multiple passwords and always remember each of them, which is why many people reuse the same combination instead.
Here are reused password statistics showing how this has become a constant practice for many:
7. 52% of Americans use the same password for multiple (but not all) accounts.
(Pew Research Center)
Most Americans prefer to reuse the same password since they find it convenient. Out of the 52% who reuse the same password, only 66% of them change their password once they receive a login alert – this makes other accounts vulnerable to threats such as hacking.
Password habits like that contribute to the prevalence of cyberattacks, where one takes place every 39 seconds.
8. 13% of Americans use the same password across all their accounts.
(Harris Poll)
One in every ten Americans uses the same password for all their accounts. That’s a dangerous practice since it makes it easier for hackers to access your personal information successfully.
If, in 2014, 3 billion records were exposed from Yahoo, such a data breach could also happen to your accounts.
9. Only 35% of Americans don’t reuse passwords.
(Zippia)
A total of 65% of Americans use the same password across all or some of their accounts. That means only one in three Americans do not reuse their passwords.
Take the hack that happened to Visible, a Verizon-owned cell phone network, in 2021. Hackers accessed user accounts and charged them with certain transactions.
PSA: This is a reminder why reusing password across sites is a bad idea.
by u/Starfox-sf in Visible
Weak Password Statistics
A weak password is a character combination easy for people and password-hacking software to guess. Meanwhile, strong passwords can still become vulnerable if you reuse them.
Using a weak password allows hackers across the globe to get into one’s account without permission. Here are some statistics showing how prevalent using weak passwords is:
10. 59% of Americans use their name or birthday in their password.
(Work Smart)
While Americans emphasize keeping confidential information, some still share their names and birthdays online. However, using either information as your password can be considered weak since anybody can easily guess them.
Data shows that most Americans use their names or birthdays as their passwords. Then again, this is a risky habit as it gives someone a chance to enter your accounts easily.
11. 17% of Americans have guessed someone’s password correctly.
(WWpass)
According to research, 17% of the 27% of Americans who have tried to assume someone else’s password have got them right. That figure proves weak passwords can be dangerous and is never enough to protect your accounts.
12. 57% of people scammed in phishing attacks still haven’t changed their password.
(DataProt)
First Contact, an IT support company, showed in their password statistics for 2021 that most internet users who have become victims of phishing attacks keep the same passwords.
Since 57% of these people have yet to change their passwords, they are more vulnerable to hacking and phishing since the same hackers still have their passwords.
To avoid any breach on your accounts, avoid using these weak passwords:
- 123456
- Password
- 12345678
- Qwerty
- 123456789
- 12345
- 1234
- 111111
- 1234567
- Dragon
Password Behavior and Opinion Statistics
One of the reasons Americans use weak and common passwords is that some only feel they are forced to use passwords. There are more beliefs and behaviors regarding passwords that affect users’ habits. Here are more statistics about that:
13. 75% of Americans are frustrated with passwords.
(Harris Poll)
Americans feel frustrated in memorizing and recalling their passwords. The additional security features, such as captcha codes, two-step verifications, and even three-factor authentication processes, which are there to secure their accounts better, become a real hassle for them.
That fact reflects the survey conducted by Harris Poll, showing that 75% of them are frustrated with passwords.
14. 57% of people prefer a passwordless method for accounts.
(Poneman Institute)
There are up to 70% who regularly prefer a passwordless method if there is one. An astounding 91% believe that going passwordless is the future. If given a chance, more than half of users would prefer to have accounts with no passwords.
15. 49% of Americans rely on their memory to manage passwords.
(Bitwarden)
The number of Americans who remember their passwords is still significant. However, it’s lesser than in the United Kingdom (59%) and the global population (55%).
16. 38.6% of people write their passwords down on a piece of paper.
(Digital Guardian)
While hackers cannot access the paper you wrote your password on, it is still a relatively unsafe practice. There is still a risk of people getting access to it.
Aside from writing them on paper, 27.7% use a secure password manager, 17.7% reuse the same password from memory, 9.5% keep all their passwords in a file on their computer, and 6.6% store their passwords in Dropbox or a similar storage method.
17. 78% of people have reset at least one password every 90 days because they forgot it.
(HYPR)
It is not new for many to forget their passwords, even when some people write them down. In a study within 90 days, three out of four people needed to reset at least one of their passwords due to forgetting them.
Workplace Password Statistics
Threats exist on online accounts and even at work. Workplace passwords usually are at higher security risk since they can be accessible to others. The following stats will enlighten you about the necessity of having a solid password for businesses:
18. Employees reuse a password an average of 13 times.
(Security Magazine)
Not having a unique password for every account increases the risk of data breaches, costing companies millions of dollars.
Once someone finds out one of the employee’s passwords, the trespasser may gain access to other accounts. If they’re successful, they can see all critical and confidential information regarding the company.
19. 69% of employees share passwords with colleagues.
(Keeper Security)
Some people find it okay to share a password with a colleague. However, remember that by sharing your password, you also share access to your unit or accounts.
Then, the person you shared it to might still access them, even if you are no longer working together. If that happens, it may cause substantial security risks for the company.
20. Poor passwords cause 81% of company data breaches.
(Verizon)
One of the primary targets of hackers is companies. Further data reveals data breaches led to 75% of companies having a material disruption to business processes. That’s how detrimental poor passwords can be.
21. 62% of employees have shared work passwords via text or email.
(Keeper Security)
Many employees share passwords through email and text messages. That means those who have received them can still save the passwords online or on their phones. Aside from this, 19% even used Google Docs to share their passwords.
✅Pro tip Chances are, passwords sent thru email are for new individual company accounts. If you don’t need to share the account with anyone else and will keep it personal, immediately change its password. |
Stolen Weak Password Statistics
Information breaches can happen if your passwords are stolen. As mentioned, weak passwords are easier targets for cybercriminals. That leads to a security threat since unauthorized individuals may access your data without your consent.
According to Pure Cloud, on average, it only takes a hacker two seconds to crack an 11–character password consisting of numbers.
Suppose you throw in some upper and lower-case letters in there. In that case, that number changes, taking the hacker 1 minute to hack into a seven-character password.
Here’s more data showing how weak passwords can be prone to stealing:
22. 81% Of Company Data Breaches are Due To Poor Passwords.
(Bank of North Dakota)
Managing worker passwords is a struggle for most businesses. What’s more, maintaining healthy password security is costly.
According to the recent Verizon Data Breach Investigations Report, over 70% of employees reuse passwords at work. The report finds that 81% of hacking-related breaches leveraged either stolen and/or weak passwords.
With that, more companies opt for passwordless authentication to lessen data breaches. A survey reveals 38% of organizations use one-time passwords (OTP) for authentication.
👍Helpful article Learn more about passwordless authentication. At first, this authentication method sounds complicated, but it provides a seamless login experience and further security. With no password, there’s nothing for hackers to steal and reverse-engineer. |
23. Nearly 20% of passwords are compromised due to cracking.
(Dashlane)
Password cracking was made to be helpful as it identifies unknown or forgotten passwords using an application program. However, threat actors use it without authorization to access company resources.
According to a report by Dashlane, a private firm, an American has an average of 70 to 80 online accounts. Using one cracked password may lead to access to multiple accounts.
24. 30% of the Users Have Experienced Security Breaches Due to Weak Passwords.
(Goodfirms)
In a survey conducted by Goodfirm in 2021, 30% of the responders experienced security breaches due to weak passwords on their accounts.
Weak passwords are the category of passwords that are easy to guess and decrypt, like the most commonly used passwords mentioned earlier. These passwords can be cracked in under a minute.
Hence, a strong password is a must if you want to secure your accounts.
Password Manager Market Size
A password manager is an online tool to save passwords securely. It’s the only way to create unique passwords for all your accounts, manage and remember them, and have them typed for you online.
Presently, many prefer to use password managers to avoid forgetting their passwords and being cracked by unauthorized individuals. With this tool, you do not need to remember your passwords or write them down on paper.
One password manager we suggest you check out is Passwarden. It has a free version, but you can also do more with its premium subscription. Regardless of whether you’re paying, they can provide you and your family with password security.
Passwarden features unlimited storage and device connections. With that, you won’t have to access the app on one device just to open an account on another.
Here are more facts about password managers and how the market responds to them:
25. The global password management market size was valued at $2.05 billion in 2022.
(Fortune Business Insights)
With its high demand in the market, password management gained more than $2 billion in 2022.
It is projected to grow from $2.35 billion this year to $7.13 billion in 2030.
This shows how people and enterprises recognize the importance of keeping their passwords safe without necessarily relying on memory or a piece of paper.
26. 45 million Americans use password managers to protect their credentials online.
(Security)
Millions of Americans rely on password managers, so they will not need to memorize their passwords when logging on to multiple devices. This shows how password managers can be convenient for most people who depend on them.
Aside from individuals, businesses engage in using password managers for their employee logins and other secured accounts.
Final Thoughts
A password is a security mechanism that prevents unauthorized access to your information, data, and other items. It is the equivalent of a key to a lock that keeps your possessions safe, so it’s essential to take it seriously.
Unfortunately, the above statistics show that people are somehow careless with passwords. However, if you don’t want to be a victim of cyberattacks or have your data compromised, it’s best to improve your password usage habits.
FAQs
How do passwords work?
A password is a string of characters used to verify the identity of a user during the authentication process. Passwords are typically used with a username; they are designed to be known only to the user and allow that user to gain access to a device, application, or website.
Why are passwords important in cybersecurity?
Passwords simply protect everyone’s data from cyber criminals who intend to get access to sensitive information, confidential data, and other contents. By encrypting data, you prohibit others from opening your accounts.
Sources
Timeline Of The Article
With a master's degree in telecommunications and over 15 years of working experience in telecommunications, networking, and online security, he deeply understands cybersecurity's value and importance. Max leverages his vast experience and knowledge to research the latest cyber threats, scams, malware, and viruses in-depth.