Password Statistics

10 Alarming Password Statistics That Should Worry IT Managers Everywhere

As we navigate through the interconnected world of the 21st century, passwords have become the keys to our digital kingdoms. But these keys can often be easily duplicated, leaving our kingdoms susceptible to cyber invaders. Here are 10 alarming statistics about passwords that should have every IT manager concerned.

  1. 81% of Breaches Are Caused by Weak Passwords. The 2021 Verizon Data Breach Investigations Report revealed that weak, stolen, or reused passwords were responsible for 81% of hacking-related breaches. This shows how crucial it is for organizations to enforce robust password practices.
  2. 23.2 Million Accounts Used “123456”. In 2019, the UK’s National Cyber Security Centre revealed that “123456” was the most widely used password, with 23.2 million accounts globally being victimized by hackers exploiting this password. This statistic shows an alarming lack of awareness regarding the importance of strong passwords.
  3. 59% of People Reuse Passwords. Despite repeated warnings about the dangers, a recent survey by LastPass revealed that 59% of people reuse their passwords, greatly increasing their risk of being hacked.
  4. 70% of Passwords Can Be Guessed. A 2020 study from Virginia Tech found that 70% of users’ passwords can be guessed, highlighting the need for complex, unique passwords. But it only gets worse.
  5. 15 Hours are Spent on Password Resets Annually. It’s estimated that each employee spends around 15 hours per year resetting forgotten passwords, leading to significant productivity loss.
  6. Average Cost of a Data Breach is $8.64 Million. A report from IBM in 2020 showed that the average total cost of a data breach in the U.S was $8.64 million. This far outweighs the cost of implementing strong password policies and management tools. But many organizations still have not adopted/deployed such policies or password management tools.
  7. The Most Commonly Exposed Passwords Are Still Being Used. “password” and “12345678” continue to be used as passwords, despite being the most commonly exposed passwords. This speaks volumes about the need for better password education and policy enforcement. And how expensive is the issue of weak passwords?
  8. $1 Trillion was Lost to Cybercrime in 2020. Cybercrime cost organizations worldwide an estimated $1 trillion in 2020, a significant portion of which could have been mitigated by improved password practices. But many still aren’t prepared.
  9. 1 in 5 Employees Share Passwords. Shockingly, about 20% of employees admit to sharing their email passwords with colleagues, creating a significant security vulnerability. However, the real number is likely much higher.
  10. 300 Billion Passwords will be in Use by 2023. The sheer number of passwords expected to be in use by 2023 presents a colossal challenge for IT departments in managing and securing these authentication methods.

These statistics show that weak and mismanaged passwords remain a critical cybersecurity concern. Therefore, as IT managers, it is essential to educate employees about the risks associated with poor password practices and invest in effective password management solutions. Because when it comes to cybersecurity, a single weak link can compromise the entire chain.

Capterra Best Value for Authentication Jun-20
Capterra Ease of Use for Authentication Jun-20

See GateKeeper Enterprise advanced MFA in action.

Take a self-guided tour of how you can evolve from passwords. Then you're really saving time with automation.