Passwords are implicated in 81% of hacking-related breaches. According to Forbes, 46% percent of Americans reported having their password stolen in the past year, 35% believe that their password was compromised due to a weak password, while 30% attribute the theft to using the same password across multiple platforms.
You weren't one of them? Lucky you. Maybe you don't use a password as ridiculous as "123456" or "Password" (believe us, plenty of people still use these). But you may still be part of the majority of Americans who made common password security mistakes in 2024. If you are, you might not be so lucky next time.
Astonishingly, 43 percent—that's nearly half of us—shared personal passwords with other people at some point this year. That's without protection like a good password manager, which is just asking for trouble.
The above is just one of the fascinating insights from a report by the pro-consumer website comparitech.com. Below are some of our favorites. Have you broken any of these rules? If you have, it's not too late to change your ways!
[Table of Contents]
A Year in Numbers, Letters, and Special Characters
We're Drowning In Passwords
Thirty-seven percent of people manage more than 20 passwords for their personal lives, and 10 to 97 work passwords, depending on their industry and country.
Shockingly, 54% of people rely on memory alone to manage their passwords, including passwords they use for work!
Unsurprisingly, our reliance on our memory for passwords has resulted in 78% of us having to reset a personal password in the last 90 days, and over half of us (57%) have had to reset a work-related password in that same time period. Resetting passwords is an annoying and time-consuming endeavor, with the average American spending 26 hours each year resetting passwords!
How does that play out at work? Roughly 50% of employees sometimes or frequently share passwords with colleagues, usually by email (53%). If you're concerned about your team's password management practices, maybe it's time to consider an alternative method.
We Reduce, Reuse, and Recycle
Thirty-two percent of people use the same password across multiple accounts, with 14% using the same password for both work and personal accounts. On average, employees use the same password an average of 13 times! Most people that do reuse passwords, use the same password on at least four different accounts.
Who are the worst offenders? Millenials. Seventy-six percent of millennials recycle their passwords. Those in the 50+ age range are less likely to recycle their passwords and are more likely to use unique passwords for their online accounts.
If only we could get people to commit to recycling their recyclables!
We're Cursing More
It's been a terrible few years for many people, so perhaps Americans are expressing their frustrations through their password choices. Out of 2.2 billion unique passwords that were analyzed, 152,933,335 (about 7%) included curse words. Of those, the favorite curse word, by far, was "ass," followed by "sex," and the f-bomb coming in a close third.
What little research exists on swearing suggests that cursing has been on the rise linguistically since the 1950s, appearing more in music, books, and, yes, even in our passwords.
Cybercriminals know this and will often use curses in their attempts to crack passwords. So, if you curse in your passwords, you might want to keep it clean for your sake (and grandma's).
Our Passwords Are Hot, Hot, Hot
The most common season used in passwords is "summer", with the top three months being "may," "june," and "august" respectively.
"Abu" for Abu Dhabi is the most widely used city in the world. "Austin" and "antonio" are the top the list of US cities.
For sports teams, the NBA's "Suns" and "Heat" are the most widely used in passwords globally.
Maybe there's no correlation, but we don't believe in coincidences.
We Keep It Personal
Most people use personal information in their passwords to keep them memorable. Fifty-nine percent use their name or birthdate.
Which names are the most popular? Pets. That's right, 33% of respondents use a pet's name, whereas 18% use their first name, 16% use their last name, 11% use a friend's name, and 8% use a parent's name. Spouses didn't make the list.
For humans, Eva and Alex appear the most, both topping 7 million appearances, with Anna, Max, and Ava following behind.
Personal information should never be used in a password. Cybercriminals can scour the internet, collecting data about you to use in a cyberattack.
We Like to Repeat Characters. Repeatedly.
Seven percent of people used a password with repeated characters in 2024. That means passwords like "aaaaa" and "eeeee." We're not sure why.
Repeating characters is NOT recommended. Including a variety of characters, including a mix of uppercase and lowercase, special characters (e.g. ! @, *, etc.), and numbers increase the number of possible combinations, which increases how long it would take to crack the password.
We Don't Like to Use Lots of Characters in Our Passwords
Nearly 60% of Americans used passwords with just eight characters or fewer in 2024. But it gets worse. One-third of Americans used passwords with seven characters or fewer. (Just over 10 percent used longer, stronger passwords of 12 characters or more.)
What's the deal with length? In short, the longer the password is, the more difficult it is to crack. A six-character password can be cracked in minutes to hours, an 8-character password can be cracked in days to weeks of concentrated attempts, whereas it would take years to crack a 12-character password with even the most advanced tools available.
Improve Your Password Security
Now that more of us are working from home, the need for password security has never been greater. Not all the passwords on this list are bad, but there's no excuse for using fewer than twelve characters and sharing passwords with no protection. Plus, many of the passwords listed above are predictable, making it easier for hackers to guess them. Here are some pro-tips:
- Longer passwords are stronger passwords - aim for at least 12 characters!
- Use a combination of numbers, letters, and special characters.
- And, perhaps, most importantly, use a password manager like TeamPassword.
Twenty-two percent of Americans don't employ any specific measures for password safety! Don't be one of them. TeamPassword is a simple and effective way to store and share passwords and team logins so you can keep business projects moving and protect your assets.
