43 Interesting Password Statistics in the Cybersecurity World

Most of us have serious problems identifying and remembering a unique password. 

The best we can think of is usually the easiest to remember, such as “12345678” or “qwerty1234”. Such passwords are categorized as “weak”. Weak passwords aren’t just used for email addresses and WiFi connections; most of us don’t care about a strong password, even for the most important documents and apps. Unless it’s a workplace where organizations use password manager software to secure the passwords, using bad passwords is a great risk to cybersecurity. 

Today, smart devices help companies obtain and share user information, and not having a strong password is neglecting the basic level of cybersecurity. Organizations focus on training their employees to dodge phishing, malware, and hackers through cybersecurity programs and practices, but what about personal passwords? 

Find out some interesting statistics on passwords and understand why password security is essential.

General password statistics

If we look at user behavior toward password management, it’s very different from what we would normally expect. Bad password habits include: 

• Writing down login credentials on sticky notes or spreadsheets
• Creating the same password everywhere
• Not updating passwords regularly
• Sharing them with untrustworthy sites and users 

Most users don’t usually take digital security measures, and others use the forget password option to create a different password every time they access their accounts. Similar behavior is observed in the following statistics:

• 66% of computer users know it’s essential to secure work passwords, and 63% feel the need to secure personal passwords.

• 51% of users find it difficult to manage multiple passcodes and use the same work and personal passwords.

• 53% depend on memory alone to manage passwords.

• 32% of users save passwords in a browser, 26% in spreadsheets.

• 26% of people manually write down passwords in a notebook or sticky note.

• 37% of internet users use the forgot password option on at least one website once a month out of forgetfulness.

• More than half of internet users don't create different passcodes for personal and business accounts.

• 78% of Gen Z users have the same password for multiple online accounts.

• 71% of Gen Z respondents are confident they wouldn’t fall for a phishing scam.

• 44% of them understand what phishing is.

• 57% of phishing victims still haven’t changed their passwords.

• On average, 97 passwords per person are handled by media and advertising employees – the highest among other industries.
• Government employees use at least 54 passwords per person, accounting for the least-managed passwords among other industries.

Business password statistics

Security experts suggest using password manager software with built-in online security features to secure your work accounts. This software allows employees to save their passwords, notifies them in time to change passwords, helps choose strong passwords, and more.

• 57% of businesses use multi-factor authentication (MFA) globally, showing a 12% YoY growth.

• 95% of employees using MFA operate on a software-based multifactor authentication option.

• 4% of these employees use a hardware-based solution, and only 1% use biometrics.
• 62% of businesses use biometric authentication technology.

• 39% of businesses using MFA with LastPass prefer LastPass Authenticator. Duo Security and Google Authenticator are other options used by 31% and 24% of employees, respectively. 

• Denmark leads in the use of multifactor authentication, crossing the United States and Germany with a broad margin.

• 37% of employees in the software and technology industry use multifactor authentication.

• Additionally, 20% of employees in the insurance and legal sector use MFA, the lowest in industries using MFA.

• 87% of companies with 10,000+ employees use multi-factor password authentication for IT security.

• 43% of cyber attacks affect small businesses.

• 60% of small and midsized businesses stop operating within six months of being hacked.

• 25% of companies already use features like integrating a password manager in their user directory. This helps automate onboarding, offboarding, and regular management tasks.

• 81% of businesses with directory synchronization enabled use active directory client. Another 15% use Azure AD.

• Less than 50% of businesses have a single sign-on solution in their workplace.

Employee password statistics

Password usage among employees differs depending on industries. The following statistics show which department and country use passwords the most:

• 23% of employees worldwide use password vaults on their phones.

• In smaller companies with 10 to 25 employees, each employee uses 85 passwords.

• In large companies with 1,001 to 10,000+ employees, each employee uses 25 passwords.

• Belgium has the highest number of employees who use passwords for different tasks worldwide, with Sweden being the lowest.
• 67% of respondents to a survey said their organization has privacy and security requirements for IT equipment for remote workers.
• 59% of employees said their organization’s policy focuses on the importance of password hygiene.

• Employees re-use their passwords an average of 13 times.

• 10-14 employees in small companies with fewer than 1,000 employees tend to reuse passwords.

• Nearly 22 professionals in media and advertising tend to reuse passwords, twice as many as in other sectors.

• Since the switch from a voluntary to a mandatory reporting system, the number of violations reported has increased by 252%.

• An increase in the MFA score of 6% to 29% over a year indicates that security measures are in the works to reduce the risk of stolen credentials.

• 80% of security breaches are related to passwords. 

• 57% of internet users look for passwordless technology for online security and identity protection.

• 30% of mobile device users find re-entering passwords annoying and avoid locking their gadgets after use.
• 71% of accounts secured with passwords are used on multiple websites.

Password management is the key to password security

The password security system has advanced, but users haven’t really made proper use of it. Password management software could be a great solution for organizations looking to integrate forms for filling out passwords, saving passwords, creating, recreating, and randomizing them. There are also many free password manager software options available for single users.

Want to explore a single point of maintenance to manage user access to IT applications? Read more about user provisioning and governance tools.