Bitwarden announced the results of its third annual global password management survey, in advance of World Password Day on May 4, 2023. The survey probes ongoing user password habits such as continued password reuse, ever present cybersecurity risks, and growing interest in passwordless authentication.

Beyond Passwords

The survey explored sentiments around passwordless technology such as biometrics, passkeys, and security keys. A majority (57%) of US respondents reported being ‘excited' about passwordless technology, a number that mirrors the global response (56%). Of the US respondents using passwordless authentication, 40% are or would consider using biometrics such as facial recognition, fingerprint, and voice to represent ‘something you are' and 33% would prefer a PIN, name, or word for ‘something you know.' The ‘something you are' method is more prominent globally, with 50% of respondents utilizing or considering it.

US respondents who said they were not excited about passwordless authentication cited a few qualms: 55% prefer to use their memory over their fingerprint or face ID and 36% were worried about their fingerprint or face ID being used against them. The first finding further illustrates the propensity of users to rely on their memories to manage their passwords, a strategy that comes at a cost with users resorting to weaker, more memorable passwords.

Password Habits

Overall, 54% of Americans rely on their memories to manage passwords for websites, apps, and services at home or at work - up from 49% last year. This might help explain why 58% have to regularly reset their passwords because they can't remember them, including 12% who do so everyday. These findings are part of the mixed picture that is personal password security postures. 75% use passwords that are at least 9 characters; and 69% use two-factor authentication (2FA) for work accounts and 70% for personal accounts. The survey also points to some significant vulnerabilities:

• In the US, 22% have been reusing the same password for more than a decade
• Around a quarter of US respondents (26%) report being affected by a data breach in the past 18 months; while data breaches may not be preventable, they tend to have a ripple effect for those that reuse their passwords
• Nearly all (93%) Americans are concerned about cybersecurity threats
• In the US, almost three-fourths (71%) manage passwords for 10 or more sites - a number that has particular resonance when considering the percentage of Americans who rely on memory to manage passwords

Sharing Passwords

The results also looked at habits when it comes to sharing passwords for digital apps and streaming. In spite of news around Netflix's plans to crack down on password sharing this year, nearly half (47%) of US respondents (36% globally) still share passwords for TV streaming services. That's higher than US respondents who share passwords for social media apps (31%), banking apps (28%), and music streaming apps (31%).

Similar to prior surveys, the 2023 survey probed password managers in the workplace. Last year, 32% of Americans said they were required to use a password manager at work. This year tracked similarly, with 31% reporting workplace usage, a number that was again higher than the global average of 23%. And of the US respondents required to use password managers, 91% reported their employer provided the software.

"This year's survey delivered encouraging results around passwordless technology and 2FA," said Bitwarden CEO Michael Crandell. "Other results show room for improvement. While over half of respondents use password managers, there is clearly still major room for growth in adoption. Password managers mitigate the need for password reuse and trying to rely on fickle and fleeting memory. Equipping users with the tools they need to use strong and unique passwords for sites that require passwords - and passwordless authentication for those that support it - means they are much less likely to suffer the pain of a data breach."

Password Security for All

Try Bitwarden as an individual across all of your devices for free, or upgrade to the Bitwarden Premium Account for just $10/year at https://bitwarden.com/pricing.

To bring Bitwarden to your workplace and begin a 7-day free trial, visit https://bitwarden.com/go/bring-bitwarden-to-work/ to enable your team's safety.