Psychology of Passwords
Understanding and outsmarting password (mis)behaviors
Exploring the password security behaviors of 3,750 professionals across seven countries
The COVID-19 pandemic disrupted the home lives and workplaces of millions worldwide. Offices closed, people transitioned to working remotely, and families quarantined at home. With nowhere to go, they spent more time online.
70% reported spending more time online for personal entertainment and work.
65% of people use the same password or a variation for multiple accounts, though they know it’s a security risk.
45% of people didn’t change their passwords in the last year even after a data breach had occurred.
People pick and choose what accounts to protect
Although 92% of people know it's a risk to reuse one password for multiple accounts, 65% still do it anyway. For many, it’s an issue of password memorization – they can only remember so many unique passwords. Thus, only some accounts get the security they deserve.
Rather than picking and choosing what accounts are worth protecting, we should treat all credentials as vulnerable. It’s important to protect yourself while spending more time online, such as creating unique passwords for every account. LastPass makes it easy.
IT needs to set a standard for business password practices
People won't reassess their password practices on their own. IT admins need to rethink security strategies to ensure employees practice good password and access hygiene while working from home.
35% of employers made employees update their passwords regularly.
46% of employees did not strengthen their passwords on their own.
39% businesses made sure employees logged into company apps via secure networks.
47% of employees didn't change their security habits once working remotely.