If you had to guess the most easily hacked passwords, you’d probably guess “password” or “123456.” And you’d be right.
However, this doesn’t stop countless people from using these passwords – and putting their information at risk – each year.
When it only takes hackers seconds to crack a simple password like “password,” it makes it all the more important to do your due diligence to protect your online presence.
We dig into recent password statistics and offer tips for improving your password hygiene below.
8 Password Statistics
These password statistics shed some light on the psychology behind password use, how businesses can improve their password management, and passwords to avoid.
- 57% of people will immediately forget their new password after resetting it.
- The most common password of 2021 was “123456,” which would take hackers less than one second to crack.
- Across all industries, it took 280 days on average to identify and contain a data breach.
- Small businesses (fewer than 25 employees) had an average of 85 passwords per employee.
- 45% of survey respondents did not change their passwords in the past year even after a breach had occurred.
- A 12-character password takes 62 trillion times longer to crack than a six-character password.
- Using multi-factor authentication makes your account 99.9% less likely to be compromised.
- Employees reuse a password an average of 13 times.
How to Improve Your Password Hygiene
We know that “password” and “123456” are not great passwords, but proper password management goes beyond picking difficult passwords. Here are a few more tips for improving your password habits.
1. Use random passwords for every account
One of the best ways to safeguard your accounts is to switch up the passwords you use. This means not using slight variations of your core password such as “password1” or “1234567.”
It’s also a best practice to avoid reusing the password for your email account at all costs.
2. Choose two-factor or multi-factor authentication
Two-factor and multi-factor authentication offer extra protection for your online accounts – and help reduce the risk of your accounts being hacked.
For two-factor authentication, you need to supply a second form of identification in order to log into your account. Multi-factor authentication requires two or more additional forms of identification.
These additional forms of identification can include:
- Something you know (like a PIN number)
- Something you are (like facial recognition or a fingerprint)
- Something you have (like a smartphone or badge)
3. Use a passphrase instead of a password
A nonsense sentence can be used to create a passphrase. You can use a password generator to come up with random words to use in your passphrase, or come up with one on your own.
It also helps to add in special characters and numbers to make your passphrase even harder to crack.
Here’s an example:
- Sentence: Rain putters around glass
- Passphrase: R@inPutt3rsar0undgl4s$
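One way to do the random-word selection described in this tip, as an added example that is not part of the original article: it draws the words with Python's `secrets` module and estimates how many bits of entropy the result carries. The short word list is constructed for illustration, and `generate_passphrase` and `entropy_bits` are names chosen here.

```python
import math
import secrets

# Constructed sample list, for illustration only. A real generator would
# load a large published list (for example a 7776-word diceware-style list).
WORDS = [
    "rain", "putters", "around", "glass", "copper", "violet", "anchor", "meadow",
    "lantern", "pepper", "gravel", "orbit", "walnut", "thimble", "harbor", "quartz",
    "saddle", "ember", "falcon", "juniper", "mosaic", "nectar", "pillow", "ribbon",
    "tundra", "velvet", "window", "yonder", "zephyr", "bramble", "cinder", "dapple",
]
DIGITS = "0123456789"
SYMBOLS = "!@#$%&*?"


def generate_passphrase(n_words=5, words=WORDS):
    """Build a passphrase from randomly chosen words plus one digit and one symbol.

    secrets.choice uses the operating system's CSPRNG, unlike random.choice,
    whose output is predictable and unsuitable for credentials.
    """
    if n_words < 1:
        raise ValueError("n_words must be at least 1")
    if len(set(words)) != len(words):
        raise ValueError("word list contains duplicates")
    chosen = [secrets.choice(words).capitalize() for _ in range(n_words)]
    return "".join(chosen) + secrets.choice(DIGITS) + secrets.choice(SYMBOLS)


def entropy_bits(n_words, wordlist_size, extra_alphabets=(len(DIGITS), len(SYMBOLS))):
    """Entropy in bits when every element is picked uniformly at random.

    The strength comes from the random choices, so it depends on the size
    of the word list and the number of words, not on how the words look.
    """
    bits = n_words * math.log2(wordlist_size)
    bits += sum(math.log2(size) for size in extra_alphabets)
    return bits


if __name__ == "__main__":
    print("sample passphrase:", generate_passphrase())
    print("bits with the 32-word sample list: %.1f" % entropy_bits(5, len(WORDS)))
    print("bits with a 7776-word list:        %.1f" % entropy_bits(5, 7776))
```

The 32-word sample list yields far fewer bits than a full-size list, which is why the size of the list matters as much as the number of words.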
4. Change your passwords regularly
Don’t wait for a data breach to update your passwords. You should be doing this on a regular basis and retiring your previously used passwords. To keep track of the passwords you’ve already used, you could create a “Do Not Use” list in Excel.
5. Don’t store your passwords in your browser
Browsers like Safari and Chrome offer to store your passwords to certain sites for quick access. However, if your computer were to be stolen or used by an intruder, they would have full access to all of your accounts just by visiting your browser’s settings page.
For even more tips on how to create better passwords and protect your online identity, check out this visual below. We hope it can help you develop better password habits for years to come.
Graphic courtesy of secureframe.com.