Password Statistics (How Many Passwords Does An Average Person Have?)

These in-depth password statistics will inform you about the importance of weak passwords, which are the leading cause of data breaches and cyber-attacks.

Surprisingly, many still use easily-guessable passwords for their online accounts, even those with sensitive information.

Besides being weak, people use the same password for multiple accounts, becoming an even easier target. Remember that a six-character password is still very easy for a computer to crack.

Strong passwords are necessary to live our lives in the digital space more than ever.

In this article, you’ll learn about how many passwords an average person has, our password habits, password management, etc.

Don’t be a victim – sort out your passwords now!

This post covers:

How Many Passwords Does An Average Person Have?

1. An average person has approx. 100 passwords (really?!)

I’d say ten, max twenty, but 100? Research by NordPass reported that an average person has around 100 passwords. Not just that, but a similar study from a year prior found that people had between 70-80. So that’s about a 25% increase in the number of passwords that we have.

New account for this, new account for that – oh hey, two more passwords to remember or store in the manager.

Source: NordPass

2. “Password” is the most common globally

NordPass revealed that at a count of nearly five million, “password” is the most popular password worldwide. This applies to both men and women.

Okay, I never even thought of using “password,” so that’s something new.

The second and third most popular passwords are “123456” (1.5+ million uses) and “123456789” (410K+ uses).

Among the 200 most popular passwords, “124578” and “bonjour” are the least popular.

Source: NordPass

3. Most popular passwords by country

At least Taiwan and the United States are a little more creative. The rest are boring.

Country	Password
United States	“guest”
United Kingdom	“password”
Brazil	“123456”
Germany	“123456”
France	“123456”
Japan	“123456”
Taiwan	“vip”
Australia	“password”
Norway	“123456”
Mexico	“123456”

Source: NordPass

Password Habit Statistics

4. Sports teams, movie characters and food items are the most commonly used for passwords

Nope, pizza isn’t the first on the list of most common food-related passwords – in fact, it is in sixth place. The first is fish, the second poke and the third is rice.

Among sports teams, people like using Red Star Belgrade and Detroit Red Wings as a password the most.

What about movie-related ones? Leon, Coco, Joker, Matrix and Starwars. I was certain that something related to LoTR would also be on the list.

Okay, here’s one more; can you guess which swear word is the most popular? Yup, it’s “fuck.”

Source: NordPass

5. 30% of US and UK people find resetting passwords as stressful as retiring

Nearly one-third of the US and UK population find resetting their passwords as stressful as retiring. Moreover, the US and UK people compare falling victim to a data breach (which includes stolen passwords) as stressful as losing a wallet or facing an illness.

Is it really THAT bad?

Source: NordPass

6. 80% of US and UK users say that managing passwords is somewhat difficult

Eight out of ten people in the United States and the United Kingdom find managing passwords (somewhat) difficult. And 30% of the US respondents and 50% UK say it’s challenging to remember multiple unique passwords.

Some password management challenges are having too many accounts, finding it hard to remember which password belongs to which account and creating complex passwords.

Source: NordPass

7. 70% say that the more sensitive the info, the stronger the password should be

More than two-thirds of users agree that the more sensitive and vulnerable the information is, the more strong the password should be.

People’s most valuable accounts are those of their banks or financial institutions. Second and third are their email and big online store accounts, like Amazon and eBay. Users fear that if these platforms get hacked, they’ll lose money.

But accounts related to entertainment, health, sports, productivity and transportation aren’t far back in terms of fear of losing money.

Don’t miss these scary hacking statistics – taking online security seriously is a MUST.

Source: NordPass

8. 40% of US respondents remember their passwords by heart

Almost 40% of the US respondents reported they remember (all) their passwords by heart. On the contrary, one-third of them said they use a password manager tool to manage and store their passwords. The final third writes them down.

Source: Statista

9. 53% of US users create unique passwords for each social media account

More than half of the US users take time to create a unique password for all their social media accounts to stay protected. Moreover, 47% of them say they reuse the same passwords across multiple social accounts.

Source: Statista

Weak Password Statistics

10. Millions of people around the world still use weak passwords

According to NordPass’s look at the 200 most common passwords in 2022, we can see that the most common variations are very weak. Either they use a simple (overused!) word or a string of (too obvious!) numbers, which all take less than a second to crack.

Source: NordPass

11. 6-character passwords are easy to crack

Any password with up to six characters is a piece of cake to crack for a computer. Even if you use at least one uppercase later, a number and a symbol. I bet this will make you want to rethink your passwords from now on.

When you use eight characters that aren’t all lowercase, that situation changes significantly in your favor.

But (!), it will take a computer 34,000 years to crack if you use a twelve-character password containing at least one uppercase letter, a number and a symbol.

Source: Statista

12. Don’t use your favorite Premier League team as a password (easily hackable)

Hundreds of thousands of UK people use their favorite Premier League team names as a password, which are effortless to crack by cyber criminals.

The most common team names used in passwords are (in numbers of people using them):

• Liverpool, 280,000+
• Chelsea, 216,000+
• Arsenal, 179,000+
• Manutd, 59,000+
• Everton, 46,000+

Source: Statista

13. Almost 30% of US adults use the same password for all their accounts

More men than women use the same password across all their accounts. 28% of adults use the same password, while 22% use different ones.

Moreover, adults aged 18 to 34 are the least concerned about password security, thus sticking to the same password to access their accounts and profiles. But only 2% of the people aged 55+ use the same password.

Source: YouGov

14. The second most popular and weakest LinkedIn password is “linkedin”

It’s shocking how weak most common passwords are, so no wonder why so many people’s accounts get hacked as easily as saying ABC.

According to a LinkedIn hack from 2012, “123456” was the most popular password (used by 753,000+ accounts), followed by “linkedin” (172,000+ accounts) and “password” (144,000+ accounts).

Source: Statista

Password Manager Statistics

15. 38% of people don’t use a password manager because they have a system

The biggest reason for not using a password manager is “My current system works.” I’m one of those!

The other four most common reasons people avoid a password manager are:

1. Not interested in paying for password protection
2. Not knowing which tool to use
3. Worry that the password manager will get hacked
4. Not knowing how to start using it

Source: Statista

16. But what’s the main reason for using a password manager?

Half the people worldwide say using a password manager tool seems like a great way to (finally) protect their digital information.

See the table below for the other five main reasons why people opt for a password manager.

Reason to use a password manager	Share of respondents
Forgetting passwords	44%
Using it at work	31%
Heard/read about it in the news	22%
Sharing passwords with friends	16%
“I was hacked”	15%

Source: Statista

17. Global password management market to reach $3+ billion by 2025

According to Statista, the password manager market was estimated at $2+ billion in 2022 but is expected to grow to over $3 billion by 2023.

This makes sense since we have more and more passwords to juggle each year, and remembering them all by heart isn’t an option anymore. Come on, can you really remember 100+? Well, I cannot.

Source: Statista

18. 51% of Android users don’t use a password manager

Although the survey was done in selected countries, it was still found that 51% of Android and 60% of Windows users don’t have a password manager. But it’s way likelier for an Apple device user to have a password manager on their iPads and MacBooks.

Source: Statista

19. 20% of adults use a password manager to manage their accounts

The global average use of a password manager is 20%, lower than the percentage of users saving logins in browsers (25%) or entering them manually (27%).

Country	Percentage of adults using password manager
UK	26%
US	23%
Spain	21%
Germany	20%
Australia	20%
Japan	17%
France	15%

Source: Statista

Password Data Breach Statistics

20. 30% of users are victims of data breaches because of weak passwords

Nearly one-third of users (in the IT field!) fall victim to data breaches because of their weak and easy-to-crack passwords. In addition to that, almost 23% of them weren’t sure or aware whether they got attacked or not.

And using the same password for multiple accounts makes us even more vulnerable to data breaches.

Source: GoodFirms

21. Only 33% change their password after a breach

Of the users with accounts of breached websites, only 33% of them changed their passwords. Unfortunately, the research found that the new ones were barely stronger than the old ones. Many were of the same strength or even weaker.

However, according to a study by Google, 45% of Americans change their password following a data breach.

Source: IEEE Security & Privacy, Google

22. 62% of people with high password fatigue had their accounts hacked/breached

Nearly twice as many Americans with high password fatigue had their account hacked or breached. But only 29% of those with a low level of fatigue.

If you have trouble remembering your passwords, it’s wise to write them down or use a password manager.

Source: Beyond Identity

23. 60% of users reuse stolen passwords

According to SpyCloud findings, 60% of users with more than one password stolen or exposed reused this same password on one or multiple accounts.

The percentage of reused passwords with .gov emails is even higher at 87%.

Source: SpyCloud

24. Pishing is one of the most common types of password attacks

Out of 36% of breaches that happened in 2020 contained phishing, which makes it one of the most common types of attacks on passwords.

Source: Verizon

Other Interesting Password Stats and Trends

25. The passwordless authentication market grows each year steadily

Instead of using a password, more and more applications and devices are transitioning to passwordless authentication. In 2022, the market was valued at $15.6 billion, but it’s predicted to jump to over $53 billion in 2030.

Year	Market revenue
2030	$53.6 billion
2029	$46.2 billion
2028	$39.7 billion
2027	$34.1 billion
2026	$29.3 billion
2025	$25.2 billion
2024	$21.6 billion
2023	$18.5 billion
2022	$15.6 billion
2021	$12.8 billion

Source: Statista

26. The biggest data breach affected almost 11 billion user records

The biggest data breach in history experienced CAM4 (an adult cam site), affecting 10.88 billion records, including passwords, names, IP addresses, usernames, toke information and chats, to name a few.

The biggest data breaches of all time

Data breach	Nr. of affected records
CAM4	10.88 billion
AIS	8 billion
Keepnet Labs	5 billion
Yahoo	3 billion
Aadhaar	1.1 billion
Whisper	900 million
Facebook	540 million
Weibo	540 Weibo

Source: Privacyend

27. 8% of WordPress sites get hacked because of weak passwords

It’s said that a whopping 5% of WordPress websites get hacked purely because of webmasters picking too poorly structured websites. But this isn’t the only reason WP sites get hacked – check our in-depth WordPress hacking statistics for more information.

But because WordPress powers more than 40% of ALL websites in the world, you may also be interested in these general WordPress statistics.

Source: CreativeMinds

28. Trojan-PSW detections increased by nearly 1/4 in 2022

Trojan-PSW (a malware that steals passwords) detection jumped by almost a quarter in 2022 from 2021, going from 3,029,000+ to 4,003,000+.

Source: Kaspersky

29. 3 billion credentials/passwords were stolen in 2022

While we couldn’t find the data on how many were stolen last year, we came across the number 3 billion, which is how many credentials and/or passwords were stolen in 2016. That’s 8.2 million per day!

Source: Cybersecurity Ventures

30. 300 billion passwords in use in 2020

The growth of passwords is increasing rapidly, going from around 90 billion in 2018 to 300 billion in 2020. And all this means is that those 300 billion passwords need protection.

Likely, the number is much higher today because we’re downloading more apps and creating more accounts that need (hopefully unique) passwords.

Source: Cybersecurity Ventures

31. Spaniards and Germans benefit from security awareness training on passwords the most

It was found that the majority of people from Spain and Germany benefitted from the security awareness training programs on password best practices in 2021. But only 32% of people in the United Kingdom were trained in password protection’s best practices.

Source: Statista

32. Two main concerns about replacing passwords with biometric authentication

Statista reports that the two main reasons for concern when switching from traditional passwords to biometric authentication are 1) privacy concerns related to biometric authentication methods and 2) lack of device availability that supports this type of protection.

Source: Statista

33. Companies are switching to passwordless access

The worldwide switch to passwordless access is on the rise. Most companies worldwide will switch to this method in the next twelve to eighteen months, so workers won’t have to worry about remembering passwords anymore.

Moreover, security is the main reason for adopting passwordless access for IT security leaders worldwide. And for non-IT security leaders, it’s uniting different authentication mechanisms.

Source: Statista

34. The main challenge for adopting passwordless access is non-supportive technology

The number one challenge IT staff and IT security leaders face when adopting passwordless authentication is that legacy systems and applications don’t support the new technology.

Moreover, many non-IT security leaders aren’t interested in switching because they are happy with their current password authentication process.

Source: Statista

Final Words

Although it’s thought that we figured out the password game, it’s far from the truth.

The most commonly used passwords by people worldwide are still too weak (and obvious) and easy to crack, causing ongoing challenges in web security.

People can use various steps to protect themselves, like using strong passwords and storing them in password managers. And even if you’ve been using the same password(s) for many years, simply changing them with an improved one is an excellent practice.

Although technology is evolving and cybersecurity is improving, so are hackers. Thus, it’s up to all of us to do our part in creating a safer digital world – with STRONG passwords.

Do you have a unique password for all your accounts/profiles?