More Than One in Three Americans Engage in Risky Password Behavior Finds SecureAuth Survey

IRVINE, Calif. – April 20, 2016 – SecureAuth Corporation, the leader in adaptive access control, today announced in conjunction with Wakefield, the results of its survey on how Americans perceive and handle passwords. The report found that Americans are exasperated with conventional online password management, which has led to risky behavior. In fact, more than one in three Americans (35 percent) write passwords down to help remember them. Additional findings showcase password pain points and shed light on unsafe behavior, with 74 percent of respondents relying on means other than memorization to manage their online passwords.

Beyond memorization issues, consumers have a number of qualms with traditional passwords. When asked what they consider most annoying about online passwords, responses were as follows:

• Keeping up with different password requirements across accounts – 29 percent
• Meeting complex password requirements – 18 percent
• Needing to change it regularly – 15 percent
• Getting locked out for too many incorrect attempts – 12 percent

Recent high profile breaches demonstrate how easy it is for attackers to compromise credentials – and there is little doubt that cybercriminals are becoming more adept at compromising personal data. From Ashley Madison to TalkTalk to the Office of Personnel Management, millions of users were victims of online crime. These attacks have also precipitated aggressive measures. For example, in November Amazon had to force-reset accounts due to fears of a password leak.

“From email to social media to your online bank account, just about every online identity requires a password. In this high-tech age, passwords are a way of life. Many, however, are making some low-tech choices – as evidenced by the 35 percent of individuals who write down passwords,” said Craig Lund, SecureAuth CEO. “Cyberattacks cost millions of dollars a year, hurts individuals and leads to long, drawn-out lawsuits. Just ask the FBI, Target or IRS. It’s in everyone’s best interest to make it difficult for attackers to cause damage – now we just need to reframe what defines safe when connected online.”

Overall security posture isn’t just a niche security industry concern. In February, the White House published the unprecedented Cybersecurity National Action Plan, or CNAP, to address what the President sees as weakness in cybersecurity preparedness across the country – problems within the federal government, private sector business, even within citizens’ private lives.

CNAP can only go so far in protecting Americans. Outside of government recommendations, individuals committed to improving their personal cybersecurity posture must be both vigilant and proactive about protecting their identities. This includes:

• Steering clear of password reuse across multiple sites
• Setting up a password manager to help manage complex passwords
• Where possible, enabling two-factor authentication on any website or web based application

About SecureAuth

SecureAuth is the leader in adaptive access control solutions, empowering organizations to determine identities with confidence. SecureAuth™ IdP provides authentication security, Single Sign-On and user self-service tools together in a single platform, allowing strong identity security while minimizing disruptions to the end-user. SecureAuth IdP is currently protecting over 5 million users worldwide. For the latest insights on adaptive access control, follow the SecureAuth blog, follow @SecureAuth on Twitter, or visit

SecureAuth™ IdP is a trademark of SecureAuth Corporation in the United States and/or other countries.countries.

Pin It on Pinterest