How global password practices are changing

2023-11-06 06:30

Password reuse remains prevalent leaving user accounts particularly vulnerable to password-spraying attacks if they're not protected by strong multi-factor authentication.

Recent password-spraying style attacks that leverage compromised credentials, such as those against 23andMe accounts, illustrate the increased risk and greater exposure that comes from password reuse.

Regardless of whether or not a user's passwords are strong, a reused password can have a domino effect: If one account is compromised, they could all fall down, especially without MFA. The report found that the average user has an overwhelming 227 accounts that require a password, making it unrealistic to expect anyone not using a password manager to be able to adequately secure and manage their digital lives.

"As we work to replace the password with a more secure and user-friendly option like passkeys, we need to continue to focus on getting the basics right, like ensuring good password hygiene coupled with strong multi-factor authentication."

The fastest way to boost password health and hygiene is to transition to passkeys - a secure, easy-to-use, and phishing-resistant replacement for passwords.

Passkeys don't need to be remembered by users, since they are automatically available directly from the user's device or password manager.

News URL

https://www.helpnetsecurity.com/2023/11/06/password-health/