The Weak Password Report 2022

Download Now

To download this white paper you’ll need an Infosecurity Magazine account. Log in or sign up below.

Log in
Sign up

Get up-to-the-minute news and opinions, plus access to a wide assortment of Information Security resources that will keep you current and informed.

This will be used to identify you if you take part in our online comments.

Your password should:

  • be at least eight characters long
  • be no more than 25 characters long
  • contain at least one uppercase, lowercase and special character
  • contain at least one digit
  • only contain alphanumeric characters or ~!@#$%^&*()_-+=?.

For more information explaining how we use your information please see our privacy policy.

By registering you agree with our terms and conditions.

Password attacks are on the rise because passwords themselves are very vulnerable to attack. What makes them vulnerable? The 2022 Weak Password Report looks at both the human and tech sides of why passwords are the weakest link in an organization’s network.

From real-world attack data to passwords inspired by pop culture, the research in this report has been compiled through proprietary surveys and data analysis of over 800 million breached passwords and has insights into just how vulnerable passwords truly are.

Some highlights:

  • 93% of the passwords used in brute force attacks include eight or more characters
  • 54% of organizations do not have a tool to manage work passwords
  • 48% of organizations do not have user verification in place for calls to the IT service desk

Should you download this content your information may be shared with the sponsors indicated above. Please see the privacy policy for Specops Software – An Outpost24 Company here: Please see Infosecurity Magazine’s privacy policy for more information.