Credentials
We've curated 148 cybersecurity statistics about credentials to help you understand how password management, multi-factor authentication, and the rise of phishing attacks are shaping the security landscape in 2025.
Showing 101-120 of 148 results
SpyCloud's 2024 research reveals the staggering scale of exposed credentials circulating within the criminal underground: 3.1+ billion total passwords recaptured.
An alarming 70% of users exposed in breaches last year reused previously-exposed passwords across multiple accounts, an increase from 61% in 2023.
There were 895,802 stolen credential records for enterprise AI tools observed by SpyCloud in 2024.
SpyCloud found 159,313 stolen credential records from popular password managers in 2024.
SpyCloud recaptured 7 million stolen credential records for third-party applications in 2024, a 48% increase from the year prior.
93% of the recaptured passwords were cracked by SpyCloud and delivered as plaintext.
Under holistic identity matching, the average exposure for a single consumer identity shows 229 records per customer, 52 unique usernames, 105 total usernames, 27 unique emails, 125 total emails, 227 credential pairs, and 9 unique sources.
142.27 million individuals had a password exposed in 2024, a 125% increase from 2023.
51% of respondents said fraud is more common when using username and password alone.
90% of IT admins rely on employees to update their own credentials.
60% of IT managers report their strategies for quickly updating at-risk credentials to be only somewhat effective or completely ineffective.
36% of IT admins rely on direct conversations for employees to update credentials.
46% of IT leaders suggest that simplified workflows for non-technical users would facilitate easier and timelier password updates.
45% of IT leaders advocate for regular security training to instil robust password habits and awareness among employees
Only 33% of IT managers reveal that they are currently able to take a proactive approach to credential security.
66% of organisations that do not alert employees to update at-risk credentials say they lack the tools or resources to do so effectively.
68% of IT managers say employee motivation is the biggest challenge in remediating at-risk credentials.
51% of IT leaders believe that clearly prioritising security actions significantly enhances security posture.
53% of IT managers want to take a proactive approach to credential security.
36% of IT admins cite difficulty tracking employee progress toward more secure practices.