Looks like we're all getting better at passwords - but there's still plenty of room for improvement

Yleisimmät salasanat on helppo murtaa. (Image credit: italii Vodolazskyi / Shutterstock)

New research suggests that, collectively, many of us are getting better with our password practices - but we're still far from perfect. 

A report published by popular password manager Dashlane analyzed data anonymously from millions of its users around the world, and found some bittersweet conclusions. 

Despite the global improvement in password hygiene, the average password health score was still within Dashlane's "needs improvement" category. The report also highlighted the concerning number of reused and compromised passwords, as well as calling for a greater adoption of passkeys, the new passwordless technology.  

Needs improvement

The Global Password Health Score Report found that the average password health score for this year was was between 70.9 to 78.2, the former figure representing North America and the latter Eastern Europe. 

Every region in the analysis improved their score by two points on average compared to last year's report. However, this range still falls short of Dashlane's ideal score of 90 and above.

What's more, 44% of passwords around the world are reused, which makes users vulnerable to password-spraying attacks, where threat actors use a single stolen password to try and access multiple accounts to see if they get lucky.

The North American region also had 17% of its passwords compromised, which, although a 2% drop on last year, is still a worry for Dashlane, since the average user has over 200 online accounts that are password protected. North America was also the world leader in the amount of compromised and weak passwords.  

Dashlane believes in the importance having good password health, citing a report from Verizon which found that 80% of breaches via hacks are due to weak, stolen, or reused passwords. What's more, the cost of breaches to business has risen over the past three years to $4.45m for organizations around the world.

One of the company's recommendations is for users to start adopting passkeys more, which replace passwords with a pair of cryptographic keys, the private portion of which is not known to anyone - not even the user. This makes them phishing resistant. 

Dashlane and other popular password managers are gradually starting to support passkeys, offering users an alternative place to create and store them, allowing them to be deployed across various different platforms. Passkeys stored in the proprietary managers of tech giants like Apple, Google, and Microsoft, can only be used within their respective ecosystems.


Lewis Maddison
Staff Writer

Lewis Maddison is a Staff Writer at TechRadar Pro. His area of expertise is online security and protection, which includes tools and software such as password managers. 

His coverage also focuses on the usage habits of technology in both personal and professional settings - particularly its relation to social and cultural issues - and revels in uncovering stories that might not otherwise see the light of day.

He has a BA in Philosophy from the University of London, with a year spent studying abroad in the sunny climes of Malta.