Password habits are changing, and the data shows how far we’ve come

In this Help Net Security video, Andréanne Bergeron, Security Researcher at Flare, explains how changes in user habits, policy shifts, and new tools have shaped password security over nearly twenty years. She walks through research based on leaked passwords from 2007 to 2025 and shows how strength levels rose as standards evolved and breach events pushed users to reset weak credentials.

Bergeron points out that a small group still relies on poor choices like simple number strings, yet stronger machine generated passwords have grown due to built in managers in major operating systems. She highlights two major jumps in strength around 2011 and later from 2019 onward, both tied to new rules and broader adoption of password management tools.

The video ends with a reminder that progress is measurable but gaps remain, which leaves ongoing work for security teams and users. The study offers guidance for future improvement in password practices.

Beyond Passwords: A Guide to Advanced Enterprise Security Protection