Password Security
We've curated 29 cybersecurity statistics about Password Security to help you understand how evolving threats, advanced authentication methods, and best practices are shaping the way we protect our digital identities in 2025.
Showing 21-29 of 29 results
Simple passwords like Pass@123 and P@ssw0rd, which meet basic Active Directory requirements, are frequently used, increasing the risk of password reuse.
45% of organisations who only check for compromised passwords during expiry or reset events average only two checks for compromised passwords per year.
Organisations using SaaS apps have an average of 47,750 passwords to manage.
Only 50% of organisations scan for compromised passwords more than once a month.
The most common base terms used in breached passwords were “password”, “admin”, and “welcome”.
53% of people admit to using the same password across multiple accounts.
The most common length for compromised passwords was 8 characters (212.5 million total).
31.1 million breached passwords were over 16 characters in length.
123456 was the most common compromised password found in a new list of breached cloud application credentials.