Almost 20% of unique passwords mixed case letters and numbers but did not include special characters.

There has been an improvement in complexity over time: in 2022, only 1% of passwords used a mix of lowercase, uppercase, numbers, and symbols; this figure has now climbed to 19%.

Food is popular in passwords, with "tea" appearing in 36 million entries, "apple" in 10.7 million, "rice" in 4.9 million, "orange" in 3.6 million, "Pizza" in 3.3 million.

US States are popular in passwords, with "Carolina" appearing in 1.9 million entries, "Dakota" in 1.2 million, "Texas" in 1.1 million.

Seasons are popular in passwords, with "Summer" appearing in 3.8 million entries.

47% of consumers will abandon purchases if they have forgotten their password for that particular account.

Passkey implementation has reached 48% of the world’s top 100 websites

Among people familiar with passkeys, 53% believe passkeys offer greater security than passwords.

74% of consumers are aware of passkeys.

Over 35% of people had at least one of their accounts compromised due to password vulnerabilities in the last year.

Among people familiar with passkeys, 54% consider them to be more convenient than passwords.

More than two thirds of users familiar with passkeys turn to them for simpler, safer sign-ins.

69% of consumers have enabled passkeys on at least one of their accounts.

Among those who have used passkeys, 38% report enabling them whenever possible.

More than half of consumers believe passkeys are both more secure (53%) and more convenient (54%) than passwords.

Credentials for victims of the Play, Akira, and Rhysida ransomware groups were found on cybercrime marketplaces between 5 and 95 days prior to the reported attack.

Among the roles most vulnerable to credential theft, 28% were in Project Management, followed by Consulting (12%) and Software Development (10.7%).

76% of CIOs acknowledge the growth threat of credential leaks.

The average time between credentials being found and the reported ransomware attack was 2.5 weeks

With AI-grade hardware, password cracking speeds have surged by over 1.8 billion percent compared to consumer-grade machines. This acceleration using AI-grade hardware has collapsed cracking timelines from billions of years to just a few hours.