)
)
For nearly four years, the magic number in every cybersecurity expert’s mind was 100 – the average number of passwords a person handles. During the pandemic and following a boost in hybrid work and digital communication, our usage of digital spaces has only expanded. It’s time to look at the newest numbers: How many passwords does the average person have in 2024?
Contents:
A survey conducted by NordPass in 2024 revealed a rapid growth in password usage for personal purposes, with an increase of nearly 70% in just over three years. According to the latest data, the number is now 168. For the first time, the survey also recorded the average number of passwords used for business-related accounts: 87. Let’s take a closer look at the research and learn what this increased number of passwords means for our online safety.
The upward-pointing trend
NordPass has been tracking password usage statistics since 2020. The first survey was conducted in February of that year, just a month before the start of the COVID-19 pandemic. It was reported that an average user handled around 80 passwords at that time.
The follow-up survey was conducted in October of the same year. Eight months into the pandemic, the uptick in password handling was already evident. The average number of passwords handled by a person went up 25% to the number cited since – 100.
As stated by Tomas Smalakys, CTO at NordPass, COVID was perceived as the main cause at the time, as people were staying indoors and handling all processes – from shopping to medical appointments – online.
However, a lot has changed in four years, and the rapid increase in digital accounts we handle now goes beyond the life rhythm of lockdowns. According to Smalakys, “the amount of accounts that people hold gets higher every year. Multiple factors come into play – new services get launched, new shops are opened.”
As the scope of digital services increases, so does the number of accounts users handle. Naturally, the latest password statistics reflect this. It’s important to note that the numbers don’t just consider active or frequently used accounts. In fact, many accounts remain dormant as users forget about them and don’t delete them even if the accounts are no longer needed.
First insights into business password handling
For the first time, the 2024 NordPass password survey also researched work-related password usage. It was revealed that the average number of passwords per person in the workplace is 87.
While this is a new index for the NordPass survey, we can assume that the number of accounts required for work has seen a similar upward trend in recent years as remote and hybrid work opportunities have become increasingly popular.
Adding the number of personal and business passwords together brings the total to 255. Juggling that many passwords can be problematic in terms of both security and convenience.
Methodology: The new quantitative research by NordPass was conducted on March 4-15, 2024, and surveyed 1,509 NordPass users.
What happens when you have too many passwords to remember?
The problem with handling so many accounts on average is that they aren’t equally important to a person. In fact, many accounts are abandoned or forgotten after a handful of visits. This can pose a serious security risk, as users may overlook data breaches and not realize their accounts have been compromised.
Managing hundreds of accounts can be a tedious job that not all users are willing or able to do. The trend points toward people hoarding their online accounts and forgetting to review and close accounts they don’t use as frequently or no longer require. In many cases, breaches are overlooked, as the users simply forget they have accounts on breached platforms.
Another issue concerns the reuse of passwords. With nearly 200 accounts to manage, creating and then remembering a unique password for each one can seem impossible. This leads to people reusing the same or similar passwords for different accounts to simplify logging in. For example, they may reuse the same word or phrase, adding a single number, capital letter, or special symbol if required for security purposes.
This opens up multiple accounts to vulnerabilities. For example, if one account is breached, all accounts using the same password and owned by that user are at risk. Abandoned accounts on rarely visited platforms with weaker security measures can become the prime target for cybercriminals.
The threat increases if people reuse the same credentials for both personal and work accounts. A breach of a personal account could potentially affect the company’s security as well. According to the 2023 Data Breach Investigations Report, stolen credentials were among the top three main methods of accessing an organization, followed by phishing and vulnerability exploitation. Password mismanagement and vulnerabilities pose risks ranging from loss of access to financial damages or identity theft.
What can you do to handle passwords easier?
You might be thinking about how many accounts you currently have and how many may use insecure passwords. To make your credentials management less overwhelming, here are some best practices you can follow to reduce the number of passwords used in your daily life:
Deactivate unused accounts. Considering how many passwords the average person has, tracking down every unused account you’ve created may be difficult. However, if you know for certain that you no longer need an account, deactivate it to reduce your password load.
Set up a password manager. As you work to reduce the number of accounts you own, you will encounter many that remain necessary. NordPass helps individuals and businesses manage their passwords with ease and security in mind. Its built-in features support generating unique and secure passwords, simplifying logging in with autofill, and accessing all sensitive data on desktop and mobile devices as well as major browsers.
Regularly update your credentials. The longer you use a password, the higher the chances of it being breached. If you regularly change your passwords, you keep your accounts safer. Password Health lets you see which of your login credentials are weak, old, or reused.
Make sure all passwords are strong. We recommend passwords be at least 20 characters long and contain a combination of letters, numbers, and special symbols. A password generator helps quickly create passwords that meet this criteria. For more tips on creating strong passwords, visit our dedicated blog post.
Stay ahead of breaches. Use the Data Breach Scanner to get real-time alerts if your passwords, email addresses, or credit card details have appeared on the dark web.
Enable multi-factor authentication (MFA). Add an extra layer of protection to your accounts and ensure that even if your password is compromised, cybercriminals cannot access the affected account.
Switch to a passwordless solution where possible. Passkeys are a new, more secure way of logging in to your accounts. They use a combination of biometric verification with cryptographic keys, offering a safer and more convenient alternative to passwords. NordPass lets you easily store and manage passkeys on different devices.
Whether you have 18 or 168 passwords, NordPass makes password management simple and convenient. Your passwords, passkeys, credit card details, and other sensitive information are protected in the xChaCha20-encrypted vault, which only you can access.
NordPass offers a range of features tailored for personal and business use, including Email Masking, passkey support, secure item sharing, centralized policies for companies, and an Activity Log. You can try NordPass Free and Premium for your personal use or sign up for one of the Business plans based on your organization’s needs.
Make password management simple