And users still don't understand, they keep using the same passwords for multiple accounts

Something that keeps calling my attention and especially because a few months ago I had to do a statistical job in relation to what I find myself studying, is the subject of passwords.

At the time, a lot of the information I collected ended up coming to the same point and which is obvious to anyone, since most people don't have a culture when it comes to password security, you mean, I mean, I don't blame them , since a large number of users are older adults, as well as minors and especially people who barely have a basic knowledge to be able to handle a smartphone.

And again spycloud (the leader in account takeover and fraud prevention) goes so far as to reaffirm the weak link in computer security, which is the human factor, since in a report by SpyCloud, reveals that nearly 70% of breached passwords are still in use and 64% of consumers repeat their passwords across multiple accounts.

In their report, the SpyCloud researchers 1700 billion exposed credentials have been identified, a 15% increase from 2020, and 13.800 billion recovered personally identifiable information (PII) records obtained from breaches in 2021.

Additional report findings include analysis of 1,706,963,639 credentials exposed a total of 755 sources of non-compliance.

The average breach contained 6,736,241 credentials. In total, the team found 561 credential pairs (email addresses and plain-text passwords) from government agencies internationally.

  • In addition to the most common types of data, such as names, dates of birth, and national identification numbers or driver's licenses, the exposure report uncovered vehicle makes and models, number of children, smoking status, marital status, estimated income, charge and even handles Reddit, specifically:
    • 2.600 billion names
    • 990 million addresses
    • 393 million dates of birth
    • 1.600 billion phone numbers
    • 1.200 billion social media handles

Password reuse increased four points from the 2021 report, which translates to the ease with which attackers can use a stolen password to compromise multiple accounts.

More than 82% of analyzed password reuses matched an exact password from the past, and 70% of users affected by breaches from last year and prior years are still using an exposed password.

"Reused passwords have been the primary vector for cyberattacks in recent years, and the threat of digital identity exposure is a growing problem," said David Endler, co-founder and chief product officer of SpyCloud. “The results of our annual report show that users still don't take password security as seriously as they should. The threat of account takeover is not conducive to overall improvements in consumer cyber hygiene, and that's an alarming thought given the prevalence of digital identity fraud.

The report also identifies a strong correlation between current events and chosen passwords. The report's data shows that passwords are linked to many TV shows and movies in 2021, as well as pop and rock culture.

"The best defense for protecting your business, customers, and employees is to protect users from themselves by preventing them from selecting previously exposed passwords when creating or changing account passwords, and to monitor and reset credentials exposed by third parties." as quickly as possible after an exposure»

Among other findings, SpyCloud discovered 611 breaches containing .gov email addresses, or 81% of all recovered violation sources. In total, the team found 561 pairs of identifiers (email addresses and plain text passwords) from international government agencies.

“The pandemic left many consumers yearning for connection to society. In the same way that consumers latched onto home entertainment through streaming services and sporting events, many mirrored their hobbies in passwords from the previous year," Endler said. The best defense for protecting your company, customers, and employees is to protect users from themselves by preventing them from selecting previously exposed passwords when creating or changing account passwords, and by monitoring exposed third-party credentials and restoring them as quickly as possible afterwards. of an exhibition. ”

finally if you are interested in knowing more about it, you can check the details in the following link.

The content of the article adheres to our principles of editorial ethics. To report an error click here!.

A comment, leave yours

Leave a Comment

Your email address will not be published.



  1. Responsible for the data: Miguel Ángel Gatón
  2. Purpose of the data: Control SPAM, comment management.
  3. Legitimation: Your consent
  4. Communication of the data: The data will not be communicated to third parties except by legal obligation.
  5. Data storage: Database hosted by Occentus Networks (EU)
  6. Rights: At any time you can limit, recover and delete your information.

  1.   I the bald said

    what you have to use is the firefox password generator, you save it in the account and that's it
    the bad thing is that if you forget or lose the user account you get screwed hehe