Never use your master password as a password on other accounts
One in three Americans now use password managers, up from one in five in 2022, according to an online poll by Security.org that quizzed 1,051 American adults on how they use passwords and password managers.
How users choose and use password managers
Users opt for password managers for multiple reasons: they have to manage numerous accounts across various devices, they want the added security password managers provide, and they want to stop memorizing too many complex passwords.
The software is mostly installed on phones, but the number of password managers installed on laptops, desktops, tablets and other devices has been rising year-over-year.
“This year, three-quarters of subscribers use vaults on personal computers, and 71 percent deploy them across multiple devices,” the security experts noted.
“With remote working and cloud databases now firmly established corporate practices, professional use of password managers also continues to rise. This year, we found that 58 percent of adults use the services for employment credentials, up from 50 percent last year.”
The most popular password managers are Google Password Manager and Apple’s iCloud Keychain, primarily because they’re built-in, practical and free. LastPass was also widely used two years ago, but its popularity took a serious hit due to the 2022 and 2023 data breaches.
Users expect password managers to be convenient/easy to use, have additional security features (e.g., biometrics, offline backup), and be either free or not very expensive. They prefer brands they use and respect, and are swayed by personal recommendations from friends, families and positive online reviews.
A risky game of reuse
Even though 71% of non-users are considering using a password manager in the future, a significant percentage (29%) is not.
“Many don’t believe vaults are necessary, think they are potentially unsafe, or presume they’re overly complex or expensive,” the experts noted.
“Greater public awareness, education, and first-hand experience might convince more Americans to abandon memorization and notebooks to join the growing number of satisfied users better guarding and organizing online credentials.”
Nevertheless, compared to a year ago, more Americans are using password managers. But the survey has revealed a worrying trend: 28% of users use their master password as a password on other accounts (compared to 19% in 2021, and 25% in 2022).
“This practice is particularly hazardous. Hackers who obtain one reused password in a third-party leak can then breach password manager accounts to steal all of a subscriber’s logins,” Security.org experts warned.
Master passwords should be long (to make it more difficult to crack), memorable to the user (but not easily guessed by attackers) and, above all, unique.
The survey has also revealed that 10% of respondents have used/are using security keys and passkeys to safeguard their accounts.
But, the experts noted, despite these gains in password manager and passkey use, six in ten Americans still rely on insecure methods (memorization, notes, browsers, unencrypted files, etc.) to keep track of their credentials.