We all have a lot of passwords to keep track of on a daily basis, whether they’re for shopping websites, emails, social media, or the workplace. It’s practically impossible to remember login information for each of them. But without these crucial bits of data, we can’t get to where we need to go online.
It is estimated that over 300 billion passwords are currently in use, which equates to around 38.4 passwords per internet user. Further, it is expected that cybercriminals will steal more than 33 billion records by 2023, an increase of 175% from 2018.
While these password statistics are alarming, the behavior of individuals towards their online security is an exciting topic to discuss!
Password psychology: Why do we pick bad passwords?
Various people behave in different ways with passwords. Their personalities can be classified into two. The first category of people are very proactive, organized, and conscious that their personal information must be secured. They are definitely not the hackers’ favorite. In contrast, the second category of people are lethargic, and aren’t interested in making efforts to protect their data. They assume that their accounts are not worth the hackers’ time. Well, you know what Oscar Wilde had to say about assumptions; when you assume, you make an…
Some of the most common passwords used in 2022 include:
1. password
2. 123456
3. 123456789
4. iloveyou
5. guest
Are you loyal to your old password?
I can hardly recollect the last time I had to ask my dad for the Wi-Fi password or the lock screen passcode on his cell phone. The password has always been either <hisname@hisdateofbirth> or <mymother’sname@herdateofbirth>. I’ve been left awestruck by his consistency in maintaining the same password for decades, and I’m sure he’s not the only one.
According to a report by Last Pass, 92% of people are aware that using a variation of the same password is a risk. Still, 65% of them use the same one or something identical. It’s not necessary for you to be this loyal to your passwords. I know it hurts, but sometimes, you just have to let them go.
Also, it is to be noted that only 29% of users change their passwords for security reasons, while others change them because they forgot their old password.
Are people partial to certain accounts and their passwords?
Not all passwords are made equal. People prioritize financial accounts (69%) over retail (43%), followed by social media (31%) and entertainment (20%). Services like mobile payment, online banking, and trading accounts are given higher priority over others since a security breach here could result in severe financial damage. However, irrespective of the account type, it is pivotal to protect our personal information, since our data can be misused or manipulated.
Here are some reasons why people find it hard to remember passwords:
1) You don’t use passwords daily:
Registering an account has become a key necessity to access anything on the internet, which obviously requires creating a password. After this, we “save” the passwords of only those accounts we often use on our PC or phone and don’t worry about the others. However, we have to understand that saving passwords on devices is not advisable as they can be accessed by anyone without our consent. On the other hand, if you use the same account on multiple devices, you’d probably find it difficult to remember your password.
2) Too many accounts and passwords:
While we have accounts that we access every day, there are others we use once a week, others once every few months, and those we’ve probably used only once. Having to recall all these passwords off the top of your head is next to impossible. That’s why a lot of people use one common password for all their accounts. What we fail to understand is that using a common password makes things simple not only for us but also for hackers.
3) You have a few rules to follow:
The days of settling for short passwords are long gone. Back then, you could create a password using your nickname, birthdate, or mobile phone number. Now, we have certain unwritten rules to abide by. Password policies and recommendations have been issued by the National Institute of Standards and Technology (NIST) in order to reduce cybersecurity risks and protect networks and data. Apart from this, organizations have their own rigid password policies. Every password we set up must adhere to the guidelines of these policies. You might have come across conditions like “the length of the password must be a minimum of eight characteristics” or “the password must contain at least one special character,” and so on. Though we’ve all found it annoying at one point, we must understand that these conditions play a vital role in protecting and securing our personal information.
4) You can always get another password:
Here’s the main reason why individuals are reluctant to memorize passwords: They are aware that they can change their passwords whenever they want and regain access to their accounts. However, the situation would be highly chaotic for both users and organizations if the option to create or retrieve passwords didn’t exist.
5) You don’t save passwords in the right place:
Making a spreadsheet, naming it “My passwords,” listing all your passwords there, and saving it on your desktop is definitely not the right way of storing your passwords.
Passwords are frequently forgotten because they are saved in inconvenient locations. According to a study by bitwarden, 59% of individuals memorize their passwords and 33% of people write them down on paper.
Your brain will register a password if you use it to access an account every day. You will ultimately be in a situation where you’ll have to reset your password if you go more than a month without using it. It’s that simple.
The solution
When you intentionally begin to consider your privacy, the solution to securing your account will follow. Given below are the guidelines issued by the NIST. Ensure that all of your online passwords have the following qualities:
-
Make it lengthy (preferably 12 or more characters).
-
It has to be unique (so that breaking one doesn’t compromise multiple accounts).
-
It should be divorced from personal meaning (so that social networks provide no clues).
-
It must be updated whenever a breach is suspected.
These recommendations can be challenging to implement if passwords are memorized or written down. This is where password managers come into the picture. They are designed to help you in creating customized, compatible codes for every site, recording and auto-filling them, and notifying you when credentials need to be updated. Usually, they are simple to use, efficient, and most importantly, encrypted.
Did you know that a 12-character password takes 62 trillion times longer to crack than a six-character password? Don’t panic! You don’t have to memorize lengthy passwords. We’ve got you covered. ManageEngine has a comprehensive suite of IT security solutions that will help you handle all your passwords with ease. Stay calm, check out our website, and learn more!
About ManageEngine
ManageEngine is the enterprise IT management division of Zoho Corporation. Established and emerging enterprises—including 9 of every 10 Fortune 100 organizations—rely on ManageEngine’s real-time IT management tools to ensure optimal performance of their IT infrastructure, including networks, servers, applications, endpoints and more. ManageEngine has offices worldwide, including the United States, the United Arab Emirates, the Netherlands, India, Colombia, Mexico, Brazil, Singapore, Japan, China and Australia, as well as 200+ global partners to help organizations tightly align their business and IT. For more information, please visit manageengine.com, follow the company blog and get connected on LinkedIn, Facebook and Twitter.
