World
Password Day
Global Survey 2024
02
Security threats
03
Passkey authentication
2 World Password Day 2024
2
Survey demographics
Bitwarden partnered with Propeller Insights to conduct its fourth annual global World Password Day survey.
The survey examines password security habits at home and in the workplace, assesses the perceived impacts of phishing and AI on security, and captures user sentiment toward passkey adoption.
46%
Female
48%
Married
24%
Age 35-44
93%
Full-time employee
28%
Highest education
Bachelor’s degree
54%
Male
3 World Password Day 2024
3
Six countries globally
Over 2,400 respondents worldwide
United Kingdom
Germany
United States
Australia
Japan
France
4 World Password Day 2024
4
Password habits
at home and at work
Password manager use at home inching up
54% of respondents still rely on memory to manage passwords at home.�32% use password management software at home - up from 30% the previous year.
How do you manage your passwords for sites and services?
6 World Password Day 2024
Work
Home
Memory
Pen & paper
Password management software
Digital documents
Other
54%
33%
20%
16%
3%
32%
53%
34%
18%
9%
5%
30%
6
Security habits follow from home to the workplace
51% of respondents who use a password manager at home note they’ve become more security conscious at work. 45% of users also report reusing passwords less frequently.
Since using a password manager at home, how would you describe your change in security habits at work?
7 World Password Day 2024
51%
45%
18%
28%
I’ve become more security conscious
I reuse passwords less frequently
I’ve shared the benefits of password managers with family and friends
They have not changed
7
Password reuse remains a challenge
Password reuse has not improved, 84% of respondents still continue to reuse passwords across accounts at home
8 World Password Day 2024
Very frequently 14%
How frequently do you reuse passwords at work?
Somewhat frequently 33%
Rarely 29%
Never 20%
Unsure 4%
How many sites or apps do you reuse passwords for at home?
I do not reuse passwords
1-5
6-10
11-15
16-20
20+
33%
26%
15%
5%
6%
16%
Number of Sites
8
Social media poses security risk
Out of the 36% of respondents who use personal information in their passwords,�60% report that this info can be found on their social media accounts.
Where else might this personal information appear online?
.
9 World Password Day 2024
Social media
Public records
Online forums
People search sites
Unsure
Yes
Do you use personal information in your passwords?
60%
31%
30%
27%
27%
36%
No
64%
9
Two-factor authentication gaining in popularity
80% of respondents say they use 2FA for personal accounts, compared to only 66% the previous year.
Just 7% say they are not sure what 2FA is - a substantial decrease from 22% last year.
10 World Password Day 2024
Do you use two-factor authentication (2FA)?
Work
Home
Yes, for most accounts
40%
41%
Yes, only for important accounts
40%
26%
No
13%
28%
Not sure what 2FA is
7%
6%
10
SMS-based 2FA dominates, despite being the least secure
The majority (65%) use SMS-based as their primary form of 2FA across sites and services, which is known in the security industry to be the least secure method of two-factor authentication.
Authentication apps/TOTP
App-based device notification
Hardware keys for 2FA
11 World Password Day 2024
SMS based
Voice-based 2FA
Which method of 2FA do you use?
Work
Home
65%
43%
38%
18%
10%
50%
45%
36%
26%
14%
11
Security threats
Public spaces and networks highlight vulnerability
42% of respondents access personal and work data in public spaces and networks very or somewhat frequently, increasing their vulnerability to cyberattacks.�
How frequently do you access personal and work data in public spaces and networks?
Not very frequently
36%
13 World Password Day 2024
Very frequently
15%
Never
23%
Somewhat frequently
27%
13
Phishing emails and text message scams run rampant
14 World Password Day 2024
Phishing emails
Text message scams
Fraudulent phone calls
Fake/spoofed websites
Phishing via social media
I have not noticed an increase
In the past year, have you noticed an increase in scams or phishing attacks?
Neutral
27%
Very confident
19%
Rate your confidence in recognizing phishing attacks.
Somewhat confident
41%
Very unconfident
4%
Somewhat unconfident
9%
52%
52%
42%
30%
28%
17%
14
Phishing attacks drive adoption of 2FA
57% of respondents reported enabling two-factor authentication as a result of an increase in phishing attacks and scams, followed by 47% who say they updated their passwords to stronger variations.
15 World Password Day 2024
Enabled 2FA
Strengthened passwords
Removed personal information
Adopted a password manager
Started using an email alias
None
What actions have you taken as a result of an increase in phishing attacks and scams?
57%
47%
27%
24%
19%
13%
15
Majority not afraid of AI-enhanced cyberattacks
69% of respondents feel somewhat or very prepared to identify and mitigate AI-enhanced cyberattacks, despite a substantial number who resort to risky password management methods.
How prepared do you feel to mitigate cyberattacks that may be created by AI?
Somewhat prepared
50%
Very prepared
19%
Unsure
9%
16 World Password Day 2024
Not prepared at all
23%
16
Security breaches persist
Have you experienced a security breach or data loss due to your password habits?
Have any of your passwords been stolen or compromised in the past?
Only 19% of respondents admit to experiencing security breaches, but 23% confirm their passwords have been stolen in the past, underscoring the cognitive dissonance between users’ security postures and actual practices.
17 World Password Day 2024
No
71%
Unsure
10%
Yes
19%
No
59%
Unsure
18%
Yes
23%
17
Many security incidents may go unreported
Less than half of respondents (38%) say they would notify their IT security team if they suspect their work login credentials might be compromised, signaling a troubling lack of sufficient workplace security training.
18 World Password Day 2024
Change all compromised passwords
Monitor for unusual activity
Delay action to see if there are any consequences
Not sure what to do
If your work login credentials might be compromised, what immediate steps would you take?
Notify the IT/security team
Ignore the warning and take no action
38%
32%
5%
6%
7%
13%
18
Employees more confident than they should be?
Just under half (48%) of respondents receive regular security trainings at work, but 93% feel at least somewhat confident in their ability to identify common threats, indicating a mismatch between attitudes and actual practices.
19 World Password Day 2024
Yes
Have you received regular training on securing your login credentials?
Unsure
How confident are you that the training you received has prepared you to counteract common threats?
No
Confident
Somewhat confident
Not confident
Overwhelmed
43%
50%
5%
1%
48%
45%
7%
19
Workplace security habits need some work
Although 53% classify their workplace security habits as generally secure, risky security habits such as using weak or personal info-based passwords are still common.��How would you classify your workplace security habits?
Using weak or personal info-based passwords
Identify the risky security habits you practice at work
39%
Storing work passwords insecurely
35%
Not using 2FA
33%
Sharing passwords insecurely
32%
20 World Password Day 2024
Generally secure
53%
Unsure
10%
Very risky
6%
Somewhat risky
31%
20
Passkey authentication
More education needed to drive passkey adoption
While 45% of respondents use passkeys to log in to some accounts,�another 49% say they don’t understand the security benefits of passkeys over traditional passwords.
How well do you understand the security benefits of �passkeys over traditional passwords?
22 World Password Day 2024
Somewhat well
Not very well
Very well
Not at all
Unsure
16%
36%
30%
8%
11%
Yes
Are you currently using passkeys?
45%
No
55%
22
Passkey apprehension remains
Only a quarter (24%) say they have no specific privacy concerns around passkey use.
What privacy concerns do you have regarding the use of passkeys?
23 World Password Day 2024
Worried about potential data collection or misuse
Concerned about unauthorized access to my passkeys
Uncertain about how passkey use is monitored
Doubts about the security of passkey storage
I have no specific privacy concerns
31%
31%
31%
29%
24%
23
Companies hold the (pass)key
If your company adopted passkeys, how would that influence your trust in the company’s commitment to security?
By adopting passkeys, companies can increase employee trust.
24 World Password Day 2024
It would increase somewhat
It wouldn’t change
It would increase significantly
It would decrease
21%
41%
35%
3%
24
Passkeys and passwords coexist for now
How do you perceive the future of authentication technologies in light of advancements like passkeys?
The majority (51%) believe that advancements like passkeys will not replace traditional passwords, but rather that the two will continue to coexist.
25 World Password Day 2024
Passkeys and passwords
will coexist
Unsure about the future
Passwords will become obsolete
Skeptical about passkeys adoption
Has the industry done a good job of educating the public around passkeys?
51%
20%
17%
13%
Yes
32%
No
44%
Somewhat, but more is needed
24%
25
Survey recap
The survey results emphasize a critical need for enhanced awareness and education about better cybersecurity habits at home and at work. The findings reveal a gap between recommended security practices and actual user behavior, spotlighting how weak password habits heighten cybersecurity risks.
Despite password security challenges, the survey also reveals encouraging trends, with password manager use and 2FA adoption on the rise. Passkeys continue to shape the future of secure authentication, though results show more public education around passkeys is needed.
Visit the page to learn more: