33 Password Statistics Small Businesses Should Know

password statistics

A password is crucial in protecting a device and confidential data on it from unauthorized access. Do small business owners create secure passwords? Read the latest password statistics below.

We have collected key password statistics to help you understand the state of password security. Going through these password stats will help you plan robust password management in your company.

Let’s dive in:

Why Is Password Management Important to Small Businesses?

Here are key reasons why you should focus on password management in your business:

  • Users tend to follow poor password habits and avoid creating strong passwords
  • Multi-factor authentication (MFA) can be easily implemented if you use a password manager
  • Password management allows you to monitor compliance and check if there are compromised credentials related to your company available on the dark web
  • You can easily record password reset with a password manager
  • Password management can save you time and money you will otherwise spend on lost passwords

Poor password security can lead to a data breach or other cyber incidents.

Using a password manager will make it easy to handle passwords and enforce good password management habits in your company.


Password Reuse Statistics

If you reuse passwords frequently, you should stop doing it immediately. And change your passwords regularly to strengthen cybersecurity in your business.

The following password security statistics will help you understand the state of password reuse.

1. A Google survey reports that 65% of people reuse the same password for multiple accounts or all accounts.

2. Even though reusing password poses security threats, employees reuse passwords 13 times. Using a good password manager can quickly solve this issue.

Are you wondering why people reuse their passwords?

The following stats from the Psychology of Passwords report will help you understand:

3. Remembering all passwords is quite a task. So there is no surprise that 68% of people who reuse passwords are afraid of forgetting them

4. People want to be in control of all their passwords, which is why 52% of people prefer reusing passwords

5. Among people who reuse their passwords, 36% of people don’t think their accounts are valuable enough to attract hackers’ attention

6. People use the same passwords for multiple accounts despite being aware of the risk. The same report notes that 92% of people understand the risk of using the same password or its variations

Password Theft Statistics

7. If you want to create strong work or personal passwords, you should use at least 12 characters in your passwords. This is because it will need 62 trillion times longer to crack complex 12 characters passwords than six-character passwords created using lowercase letters.

8. Creating strong passwords for multiple online accounts is tough, let alone remembering those passwords. So people use common passwords. In fact, 73% of online accounts are protected by duplicate passwords. And more than half of the people are not familiar with two-factor authentication.

9. Password dumper malware attacks copy and steal save passwords. 40% of malware-related breaches were caused by password dumper malware

Strong passwords keep your work and personal accounts safe from unauthorized access. But people are still not taking suitable security measures to ensure data security.

The following password security stats collected from a Google survey will help you understand how user behavior weakens the security of passwords:

10. Sharing passwords with others is a bad practice. But still, 43% of Americans have shared their password with someone else.

11. Despite the fact that two-factor authentication improves the security of password-protected accounts, only 37% of Americans use two-factor authentication

12. Easy-to-guess, common passwords make professional and personal accounts vulnerable. 27% of people have attempted to guess someone else password, and 17% of those have got it right.


Two-Factor Authentication Statistics

Here are key findings from the State of the Auth Report prepared by Duo:

13. 79% of employed professionals use two-factor authentication (2FA). And 60% of self-employed individuals use 2FA

14. SMS (85%) is the most commonly used second factor, then comes email (74%) and mobile passcode (44%)

Here are 2FA stats from the State of Password And Authentication Security Behaviors Report:

15. Mobile authenticator apps are a quick, easy way to authenticate users. 37% of companies that employ two-factor authentication rely on mobile authentication apps.

16. 65% of users believe that the use of biometric authentication would make their accounts more secure.

17. Technology and software companies are most likely to use two-factor authentication.

Weak Password Statistics

The following weak password statistics from the Avast survey will encourage you to implement a strong password policy in your company:

18. 83% of American use weak passwords. And 16% of people use their own name or a family member’s name as a password

19. Surprisingly, people don’t change their password even after compromised account security. Only 23% of people change their passwords after being informed about a data breach. There are multiple tools like this, to check if your passwords appeared in any data breaches.

20. Cybersecurity experts recommend that people should change their passwords periodically. But only 20% of Americans change their passwords frequently every three months. And 18% of people never change their passwords.

Password Security and Cybercrime Statistics

Here are essential business password statistics from Keeper’s survey:

21. When it comes to saving work passwords, many employees still rely on sticky notes. In fact, 57% of employees use sticky notes to manage work passwords.

22. Saving work passwords in plain text is another bad habit, which 49% of employees still do.

23. Sharing passwords with other employees via emails or text messages weakens cybersecurity. However, 62% of employees share their work passwords by email or text.

24. Disabling the accounts of your previous employees should be one of the top priorities of your IT department. This is because 32% of employees can access online accounts belonging to previous employers, meaning many companies don’t disable accounts when employers leave the companies.

25. Sharing work passwords with family members can enable unauthorized people to access data. And 11% of employees share work-related passwords with a family member. So you should make strict rules about password sharing.

Password Manager Statistics

A good password manager app can help create, save, share, and manage passwords safely with multi-factor authentication and local data encryption. But still, internet users are not leveraging this powerful tool to boost online security.

Here are key password manager stats from a survey conducted by Security.org:

26. 71% of people don’t use password managers because they don’t believe password managers are secure.

27. Only 20% of people use password managers to manage or store online account passwords. And LastPass is the most popular manager, and then come Keeper security and McAfee True.

28. 71% of people who use password managers do so because they cannot remember their passwords

29. Encryption offers an additional layer of security. 34% of people use a password manager because it allows them to encrypt saved passwords

30. To access login credentials on a password manager app, you need to create a strong master password. 81% of people create unique master passwords, but 19% of people still recycle their master passwords.

31. All good password managers allow users to sync passwords on multiple devices. And mobile devices offer ease of use. So there is no surprise that 77% of people use mobile devices to access their password manager apps, and 75% of people use laptop/desktop computers for the same.

32. 69% of people would consider using a password manager app in the future for online accounts

33. 59% of companies rely on human memory to manage passwords. When people rely on their memory to remember passwords, they are likely to create common passwords that are easy to hack.


What Percentage of Data Breaches Are Caused by Passwords?

According to a Verizon report, 80% of hacking-related breaches are caused by password-related issues (brute force or the use of lost/stolen credentials.

What Percentage of People Have Weak Passwords?

83% of Americans use weak passwords, according to a survey done by Avast. To create a strong password, you must include special characters, numbers, and upper and lower case letters. Also, you should create a password of at least ten characters long.

What Percentage of People Use the Same Password for Everything?

13% of people use the same password for everything, according to a Google survey. And 52% of people use the same password for multiple (but not all) online accounts.

What Percentage of People Use ‘Password’ as Their Password?

24% of people in the US use password, 123456, or admin as their password, according to a Google poll. People use a common password to remember it easily.

How Are Most Passwords Stolen?

Phishing is the most commonly used password-stealing technique. Other common methods hackers employ to steal passwords are social engineering, malware, brute force, keystroke logging, and credential stuffing.

Final Thoughts

Now that you know the latest password statistics. It is time to revisit your password policy. Ensure that your company’s average password length is more than ten characters and that all your employees use multi-factor authentication. Using a good password manager can make password management easier in your company.

What are you waiting for? Take the next step based on these latest password statistics.


Image: Envato Elements

More in:

Sandeep Babu Sandeep Babu is a cybersecurity writer. He writes about malware, data security, privacy, and other cybersecurity topics for SBT and other reputed platforms.