Why 72% of people still recycle passwords
A new Security.org report underscores how poor the password practices of many people still are. The survey found that the vast majority (72%) of users reuse passwords. On average, recycled passwords are used for 4 different accounts. Password recycling is a terrible practice because it puts users at risk of credential stuffing attacks, in which threat actors use leaked or stolen login credentials for user accounts of one service, to try and gain access to accounts for another service.
63% of people recycle passwords between important websites like business accounts, and accounts for entertainment services. In addition, 68% of respondents admitted they often use slight modifications of other passwords. This means that even if people use different passwords, they may still fall victim to credential stuffing because threat actors can use fuzzing algorithms to catch tweaked passwords as well.
Read more: Why 72% of people still recycle passwords