Passwords - Statistics
Last updated
Last updated
A Google study on the use of passwords by American users was released in 2019 as well as a Ponemon Institute study in 2020.
The Ponemon Institute is considered the leading research center devoted to privacy, data protection, and information security policy.
Yubico released its second annual State of Password and Authentication Security Behavior Report, conducted by the Ponemon Institute in 2020. The study surveyed 2,507 IT security practitioners in Australia, France, Germany, Sweden, the United Kingdom and the United States, as well as 563 individual users.
The Google study is present in the original version via this . The Ponemon Institute study in its original version can be found .
As cybercriminals' capabilities continue to evolve, our password management habits and understanding of cybersecurity best practices have not kept pace. This is true for both individuals and businesses, as the statistics below show.
75% of Americans say they are frustrated with having to store and keep track of their passwords.
24% of Americans have used the word "password", "Qwerty" or "123456" as their password.
43% of Americans have shared their password with someone.
20% of Americans have shared their email account password.
Only 37% of Americans will use two-factor authentication to secure their passwords in 2020.
Only 34% of Americans say they change their passwords regularly.
Only 15% of Americans use an online password manager.
66% of Americans use the same password for multiple online accounts.
27% of Americans have tried to guess someone else's password, and 17% of them were able to guess it correctly.
13% of Americans reported reusing their password across all their accounts in 2019.
Only 32% of Americans were able to correctly define the terms "phishing," "password manager" and "two-step verification."
42% of organizations rely on post-it notes for password management.
59% of organizations rely on human memory to manage passwords.
62% of businesses say they are not taking the necessary steps to properly secure mobile data.
Cybercriminals are not only a threat to individuals, they also pose a significant risk to large businesses across all industries. That said, not all sectors are in the same boat. Compliance rules vary widely across industries, and some industries are quicker than others to adopt and maintain appropriate security measures. For example, technology and software companies are often very diligent in their cybersecurity defenses, while insurance companies often lag behind.
Report link.
37% of employees at technology and software companies use multi-factor authentication (MFA) – the use of two or more separate factors for verification and authorization of a user.
33% of employees in the education sector use AFM and 32% of employees in the banking or financial sector use AFM.
At the low end, only 20% of legal or insurance employees use MFA.
Password reuse is when someone uses the same password for multiple online accounts and services, for example using the same password for their email address and bank account. Many people reuse a password because it is easier for them to remember one password rather than several.
Media and advertising employees reuse their passwords almost twice as much as employees in other industries.
Employees in the nonprofit sector reuse the fewest passwords (around 9 on average).
Employees in the technology or software industry reuse about 15 passwords on average.
The figures are not very representative for “French-speaking” countries (Belgium, France, Morocco, etc.). Be-Hacktive will therefore launch its campaign to investigate the habits of French-speaking users.
The survey link will be available soon and necessarily ANONYMOUS
