Friday, May 23, 2025

Security Boulevard Logo

Security Boulevard

The Home of the Security Bloggers Network

Community Chats Webinars Library
  • Home
    • Cybersecurity News
    • Features
    • Industry Spotlight
    • News Releases
  • Security Creators Network
    • Latest Posts
    • Syndicate Your Blog
    • Write for Security Boulevard
  • Webinars
    • Upcoming Webinars
    • Calendar View
    • On-Demand Webinars
  • Events
    • Upcoming Events
    • On-Demand Events
  • Sponsored Content
  • Chat
    • Security Boulevard Chat
    • Marketing InSecurity Podcast
    • Techstrong.tv Podcast
    • TechstrongTV - Twitch
  • Library
  • Related Sites
    • Techstrong Group
    • Cloud Native Now
    • DevOps.com
    • Security Boulevard
    • Techstrong Research
    • Techstrong TV
    • Techstrong.tv Podcast
    • Techstrong.tv - Twitch
    • Devops Chat
    • DevOps Dozen
    • DevOps TV
  • Media Kit
  • About
  • Sponsor

  • Analytics
  • AppSec
  • CISO
  • Cloud
  • DevOps
  • GRC
  • Identity
  • Incident Response
  • IoT / ICS
  • Threats / Breaches
  • More
    • Blockchain / Digital Currencies
    • Careers
    • Cyberlaw
    • Mobile
    • Social Engineering
  • Humor
Identity & Access Security Bloggers Network Social Engineering 

Home » Cybersecurity » Identity & Access » Password Security

SBN

Password Security

by Social-Engineer on May 11, 2022

Password security is extremely important. No doubt, this is something you have heard before. In fact, it may be something that you hear and then immediately dismiss because you’ve heard it so many times. Why, though, should we not dismiss it? And how much do we really know about password security?

LastPass wrote a very interesting article on the Psychology of Passwords. In it, they included statistics from a poll taken of 3,750 professionals across 7 countries. Today we are going to look at some of those statistics and discuss what they mean for us, and why it matters.

Password Security

Techstrong Gang Youtube
AWS Hub

Password Education

What do the statistics show us? To start, only 8% of professionals said that a strong password should not have ties to personal information. This means that many people are creating passwords that involve personal information. Many times, people will use information like birthdays or home addresses in password creation. Why is this alarming?

Over the last two years, our digital lives have grown exponentially. The more accounts being created means the more personal information being shared online, both in password creation and otherwise. If just one of those accounts breached shows a password involving personal information, it means that information is out there and available to malicious parties. Furthermore, in 2021, 27% of those surveyed said they shared photos of their house or neighborhood on social media. This number increased 20% from 2020.

In addition to these figures, people tend to reuse passwords. Is this really such a dangerous behavior?

Why is Reuse so Dangerous?

Is password reuse risk-taking behavior? Yes. This is because just one stolen username and password combination can potentially allow malicious actors to access multiple accounts. “According to a Verizon Data Breach Report, 80 percent of data breaches are the result of poor or reused passwords.” What a staggering number! This is why password reuse can be so dangerous. This danger can be elevated when password reuse is leveraged across corporate networks.

Why do People Engage in Bad Password Behavior?

So, why do people engage in bad password behavior? 68% of people say they reuse their passwords because they are afraid of forgetting them. 52% want to be in control of all their passwords. And 36% say they do not think their accounts are valuable enough for malicious actors.

Be assured, malicious actors will take advantage of any accounts they can leverage. So, what can help us remember our passwords and remain in control of our accounts? Let’s see what good password behavior really looks like.
Password Security

What is Good Password Behavior?

Keep the following points in mind for good password behavior:

  • Each password should be unique
  • Use nonsensical combinations of characters
  • Employ multifactor authentication
  • Be sure to update passwords when notified of a breach

If this list feels daunting to you, there is a tool that can help make it a little easier, especially if you’re worried about remembering your passwords. This tool is called a password manager. Password managers store all your passwords for you and can even provide you with secure and unique passwords. When you use a manager, all you will need to remember is the password for entering the application. This will save you time, mental energy, and likely the headache of forgetting passwords.

Consider also using a passphrase instead of a password. This could be a full sentence from your favorite book, movie, song, etc. Choose something that has meaning to you, but you have not posted about on social media. Using a phrase like this with proper punctuation, capitalization, and spacing will be hard for attackers to brute force or guess, while remaining easy for you to remember.

Secure and Protected

Password security is extremely important. You’ve heard it before, and you will hear it again. Now, though, you may have a clearer understanding of why it is so important. We hope the tips included in this article will help you to be more secure and protected as you move forward.

Sources:
https://blog.lastpass.com/2021/09/new-report-2021-psychology-of-passwords/
https://www.crn.com/news/channel-programs/logmein-poor-or-reused-passwords-responsible-for-83-percent-of-breaches
https://www.social-engineer.com/secure-it-keep-your-digital-profile-safe-from-vishers-and-phishers/

Images:
https://encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcQhEBoaydq0EFUjzvgm8dtQmnGowksjleGcRw&usqp=CAU
https://images.idgesg.net/images/article/2018/08/5_password-best-practices_unique-passwords_authentication-100768646-large.jpg?auto=webp&quality=85,70

*** This is a Security Bloggers Network syndicated blog from Security Through Education authored by Social-Engineer. Read the original post at: https://www.social-engineer.org/social-engineering/password-security/

May 11, 2022May 11, 2022 Social-Engineer General Social Engineer Blog, password behavior, Password Security, psychology of passwords, social engineering
  • ← Penetration Testing Best Practices for Every Stage of Testing | APIsec
  • Mobile Devices As Attack Vector for Ransomware →

Techstrong TV

Click full-screen to enable volume control
Watch latest episodes and shows

Tech Field Day Experience at Qlik Connect 2025

Upcoming Webinars

Software Supply Chain Security: Navigating NIST, CRA, and FDA Regulations

Podcast

Listen to all of our podcasts

Press Releases

GoPlus's Latest Report Highlights How Blockchain Communities Are Leveraging Critical API Security Data To Mitigate Web3 Threats

GoPlus’s Latest Report Highlights How Blockchain Communities Are Leveraging Critical API Security Data To Mitigate Web3 Threats

C2A Security’s EVSec Risk Management and Automation Platform Gains Traction in Automotive Industry as Companies Seek to Efficiently Meet Regulatory Requirements

C2A Security’s EVSec Risk Management and Automation Platform Gains Traction in Automotive Industry as Companies Seek to Efficiently Meet Regulatory Requirements

Zama Raises $73M in Series A Lead by Multicoin Capital and Protocol Labs to Commercialize Fully Homomorphic Encryption

Zama Raises $73M in Series A Lead by Multicoin Capital and Protocol Labs to Commercialize Fully Homomorphic Encryption

RSM US Deploys Stellar Cyber Open XDR Platform to Secure Clients

RSM US Deploys Stellar Cyber Open XDR Platform to Secure Clients

ThreatHunter.ai Halts Hundreds of Attacks in the past 48 hours: Combating Ransomware and Nation-State Cyber Threats Head-On

ThreatHunter.ai Halts Hundreds of Attacks in the past 48 hours: Combating Ransomware and Nation-State Cyber Threats Head-On

Subscribe to our Newsletters

ThreatLocker

Most Read on the Boulevard

EU Stakes Out Digital Sovereignty With Vulnerability Database 
Tracking Accusations May Have Roblox Back in Court 
Strategic Defense Innovation: Israel and South Korea’s Technological Partnership 
Survey: Too Much Time Being Spent on Managing Cybersecurity Tools
Signal Gives Microsoft a Clear Signal: Do NOT Recall This
SK Telecom USIM Data Compromise: Millions of Customers at Risk
The State of AI in Cybersecurity 2025: What’s Working, What’s Lagging, and Why It Matters Now More Than Ever
Fairfax County, Va., CISO Michael Dent on Leadership
Adapting to New Security Challenges in the Cloud
10 SaaS Security Risks Most Organizations Miss | Grip

Industry Spotlight

Signal Gives Microsoft a Clear Signal: Do NOT Recall This
Application Security Cyberlaw Cybersecurity Data Privacy Endpoint Featured Governance, Risk & Compliance Humor Incident Response Industry Spotlight Most Read This Week News Popular Post Security Awareness Security Boulevard (Original) Social - Facebook Social - LinkedIn Social - X Spotlight Threats & Breaches Vulnerabilities 

Signal Gives Microsoft a Clear Signal: Do NOT Recall This

May 22, 2025 Richi Jennings | Yesterday 0
Coinbase Says Breach May Cost $400 Million, Issues $20 Million Bounty
Cloud Security Cybersecurity Data Privacy Data Security Featured Identity & Access Industry Spotlight Network Security News Security Boulevard (Original) Social - Facebook Social - LinkedIn Social - X Spotlight Threats & Breaches 

Coinbase Says Breach May Cost $400 Million, Issues $20 Million Bounty

May 16, 2025 Jeffrey Burt | May 16 0
Warning to US Retail: ‘Scattered Spider’ Targets YOU (with DragonForce Ransomware)
Analytics & Intelligence Cloud Security Cybersecurity Data Privacy Data Security DevOps Endpoint Featured Governance, Risk & Compliance Humor Identity & Access Incident Response Industry Spotlight Malware Mobile Security Most Read This Week Network Security News Popular Post Security Awareness Security Boulevard (Original) Social - Facebook Social - LinkedIn Social - X Social Engineering Spotlight Threat Intelligence Threats & Breaches Vulnerabilities 

Warning to US Retail: ‘Scattered Spider’ Targets YOU (with DragonForce Ransomware)

May 15, 2025 Richi Jennings | May 15 0

Top Stories

Law Enforcement, Microsoft Disrupt Operations of Popular Lumma Stealer
Cloud Security Cybersecurity Data Privacy Data Security Featured Identity & Access Malware Mobile Security Network Security News Security Boulevard (Original) Social - Facebook Social - LinkedIn Social - X Social Engineering Spotlight Threat Intelligence 

Law Enforcement, Microsoft Disrupt Operations of Popular Lumma Stealer

May 22, 2025 Jeffrey Burt | Yesterday 0
Survey: Too Much Time Being Spent on Managing Cybersecurity Tools
Cybersecurity Featured News Security Boulevard (Original) Social - Facebook Social - LinkedIn Social - X Spotlight 

Survey: Too Much Time Being Spent on Managing Cybersecurity Tools

May 21, 2025 Michael Vizard | 1 day ago 0
Linux Foundation Shares Framework for Building Effective Cybersecurity Teams
Cybersecurity Featured News Security Awareness Security Boulevard (Original) Social - Facebook Social - LinkedIn Social - X Spotlight 

Linux Foundation Shares Framework for Building Effective Cybersecurity Teams

May 16, 2025 Michael Vizard | May 16 0

Security Humor

Randall Munroe’s XKCD ‘Baker's Units’

Randall Munroe’s XKCD ‘Baker’s Units’

Download Free eBook

7 Must-Read eBooks for Security Professionals

Security Boulevard Logo White

DMCA

Join the Community

  • Add your blog to Security Creators Network
  • Write for Security Boulevard
  • Bloggers Meetup and Awards
  • Ask a Question
  • Email: [email protected]

Useful Links

  • About
  • Media Kit
  • Sponsor Info
  • Copyright
  • TOS
  • DMCA Compliance Statement
  • Privacy Policy

Related Sites

  • Techstrong Group
  • Cloud Native Now
  • DevOps.com
  • Digital CxO
  • Techstrong Research
  • Techstrong TV
  • Techstrong.tv Podcast
  • DevOps Chat
  • DevOps Dozen
  • DevOps TV
Powered by Techstrong Group
Copyright © 2025 Techstrong Group Inc. All rights reserved.
×

Security in AI

Step 1 of 7

14%
How would you best describe your organization's current stage of securing the use of generative AI in your applications?(Required)
Have you implemented, or are you planning to implement, zero trust security for the AI your organization uses or develops?(Required)
What are the three biggest challenges your organization faces when integrating generative AI into applications or workflows? (Select up to three)(Required)
How does your organization secure proprietary information used in AI training, tuning, or retrieval-augmented generation (RAG)? (Select all that apply)(Required)
Which of the following kinds of tools are you currently using to secure your organization’s use of generative AI? (select all that apply)(Required)
How valuable do you think it would it be to have a solution that classifies and quantifies risks associated with generative AI tools?(Required)
What are, or do you think would be, the most important reasons for implementing generative AI security measures? (Select up to three)(Required)

×