It’s 2022 and after years of warning people repeatedly about the dangers of using the same old passwords and using the same password across multiple websites, you would think this would get better. You would think we’d have that problem solved and there would be one less network security risk to worry about.
Unfortunately, if you think that you would be wrong.
Even now, after endless hours of email safety training and articles just like this one published by the hundreds all over the web, people are still gravitating to the same garbage passwords and still reusing them across multiple websites they frequent.
In fact, it’s even worse than that, if recent research by SpyCloud is any indication. They poured over data containing 1.7 billion username and password combinations gleaned from 755 leaked sources in 2021. Based on their research, a staggering 64 percent of people are still using the same password exposed in one data breach for other accounts.
Keep in mind that Google now comes right out and tells Chrome users how many of their saved passwords are at risk for exactly that. Even with the information staring them in the face, significantly more than half of all users won’t change their habits.
These statistics must be taken with a grain of salt because the methodology is somewhat imprecise. It doesn’t matter if the actual percentage is five points or so lower becausethe broader issue remains the same.
By now, everyone knows the risks that bad passwords pose. Everyone is aware of the dangers of using the same password to access multiple web properties and yet, nothing is changing.
Until there is a tangible financial cost imposed, either by companies beginning to fine users with bad passwords or hackers taking full advantage of those weak passwords and financially punishing those using them, it’s not going to change. It’s a real pity it has come to that.