The state of password security in 2024

In this Help Net Security video, John Bennett, CEO at Dashlane, discusses their recent Global Password Health Score Report, detailing the global state of password health and hygiene.

Poor security habits like password reuse remain widespread. With passwordless technologies like passkeys still in their early stages of adoption, organizations must remain vigilant. The risk of weak, reused, and compromised passwords fuels credential-based breaches, underscoring the need for stronger password management practices even as new technologies emerge.

Top survey highlights:

• Globally, password health scores continue to improve year-over-year, with scores increasing between 2-4% over the past year. North America had the lowest security score and the highest percentage of compromised passwords.
• Although the share of reused passwords has decreased, reused passwords still remain between 40-50% across regions globally, showing overall poor security hygiene.
• Industries with the highest password health scores were those traditionally tech-savvy and SaaS-oriented, such as technology and telecommunications. Interestingly, education also ranked in the top five, likely due to its frequent targeting by attackers.
• Industries with the lowest password health scores were typically slower to adopt digital best practices or operated primarily in offline, physical environments. This group included sectors like legal, healthcare, and construction.
• Surprisingly, small businesses had the highest average number of credentials (122), as well as the largest share of compromised credentials, followed by mid sized companies (76) and enterprises (52).
• The fastest way to boost password health and hygiene is to transition to passkeys.