Credentials
We've curated 148 cybersecurity statistics about credentials to help you understand how password management, multi-factor authentication, and the rise of phishing attacks are shaping the security landscape in 2025.
Showing 81-100 of 148 results
62% of Gen Z report some level of stress when it comes to managing passwords.
Only 13% of Gen Z report using a password manager to securely share sensitive login information.
35% of Gen Z respondents revealed they never or rarely update passwords after a data breach at a company with which they have an account. Only 10% of Gen Z reported that they always update compromised passwords.
55% of all respondents have abandoned logging into an account entirely or created a new one just to avoid the hassle of resetting a password.
79% of Gen Z believe that reusing the same password across multiple accounts is risky.
67% of Boomers say they don’t share passwords at all, and only 7% of Boomers resort to text-based sharing.
19% of Gen Z send screenshots of their credentials.
21% of Gen X admit they don’t trust or know how to set up a password manager
72% of Gen Z admit they reuse the same password across accounts. This contrasts with 42% of Boomers who report doing the same.
A quarter (25%) of Gen Z often or always rely on the password reset function to access an account when they’ve forgotten their password. This is higher than 11% of Boomers and 17% of Gen X who do the same.
30% of Gen Z often or always forget passwords to important accounts.
38% of Gen Z report changing only a single character or reusing an existing password when prompted to update a credential. This is similar to 31% of Millennials.
Gen Z is the most likely generation to use password management software (46%). This compares to 39% of Millennials and 33% of Gen X.
19% of Gen Z share passwords verbally.
Credentials or data were stolen in nearly half of all cyberattacks.
Stolen access credentials published on dark web marketplaces increased by approximately 28% from approximately 6 million in 2023 to approximately 7.7 million in 2024.
There was an average of 44 exposed credentials per malware infection.
By using holistic identity matching for an individual employee, the average exposure increases to 146 records per employee, 22 unique usernames, 13 total usernames, 89 unique emails, 141 total emails, 57 credential pairs, and 8 unique sources. This represents more than 12x the exposed data compared to the traditional view.
There were 2.2 billion credential pairs (username/email + password) recaptured.
The average exposure for a single employee identity in 2024, under a traditional exposure model, shows 11 records per employee, 1 unique username, 1 total username, 1 unique email, 11 total emails, 7 credential pairs, and 7 unique sources (breach, malware, or phish).