Skip to main content

Passwords are hard and people are lazy, new report shows

Despite ongoing efforts by security researchers and internet titans to push us to use stronger passwords and two-factor authentication to secure online accounts, people are lazy and continue to make serious mistakes that jeopardize their privacy and security, a new report shows.

A new survey that delves into password selection shows an alarmingly high number of people reuse passwords across multiple accounts. If you are doing this, you should be aware that it only takes one security breach to put all of your accounts at risk. Hackers know that this is a common practice and will try the same stolen passwords at every popular online service in hopes of gaining easy access.

Office computer with login asking for password and username.

A new report from Tech Radar found that 60% of survey respondents admitted to reusing a password across multiple accounts. About 40% of this group explained it was hard to remember multiple passwords. Since most accounts require complicated passwords with letters, capitals, numbers, and symbols, it can be quite difficult to choose a password that’s both secure and memorable. Another 27% claimed they weren’t likely to be hacked. Whether that should be classified as carefree or careless is a matter of opinion.

Another interesting detail is a hesitation to use password generators that automatically create superstrong passwords and store them for you. Apple, Google, Microsoft, and most other browser developers offer this service for free. There are also third-party solutions like LastPass, 1Password, and Dashlane that work across various devices.

Your Mac will recognize that you've forgotten your login password.

If you really insist on managing your own passwords, you should check out our guide that helps you fix password problems and increase your online security. Meanwhile, the big tech companies know that we are currently in password hell with 79.5 million attacks on passwords per day and are working on a solution.

Apple, Google, and Microsoft recognize that even with two-factor authentication solutions, online security has to be improved. A real, humancentric solution is on the horizon and it should ease the crushing weight of remembering dozens of passwords, verifying frequently with two-factor authentication and potentially denying access after a few mistaken logins.

The FIDO Alliance and World Wide Web Consortium plan to work with tech leaders to get rid of passwords entirely. In this case, you’d sign in with a touch or a glance, using face identification or fingerprint verification. That future can’t come quickly enough, so hopefully Apple’s Passkeys feature, which is coming in iOS 16 and macOS Ventura, will help lead the way.

Editors' Recommendations