How to Fix Cognitive Dissonance in Password Creation

A recent report has highlighted the lack of care shown by Internet users when it comes to their online activity. The 3rd Psychology of Passwords Report was based on a survey of 3,250 people globally to gauge their online behavior with regard to security and personal safety.

Cybercriminal activity has increased as people spend more time online for business and leisure, and poor security practices have made it far too easy for hackers to steal passwords, hijack accounts, steal identities, and infiltrate business and personal accounts. The study provides important insights into the online behavior of individuals, and highlights several areas where mistakes are being made and security is being ignored.

The main points to take away from the study include:

  • People think cybercriminals will not be interested in targeting them: The report showed 41% of those questioned are completely convinced that they are not going to be a genuine target of the millions of hackers currently targeting poorly secured accounts. This is despite it being universally accepted that, on average, personal data from anyone can generate between $5 and $110 in profit for a cybercriminal.
  • Despite being aware of the threat, web users continue to take risks: 91% of respondents said that, despite knowing they are taking risks, they still use the same password or a variation of it. 66% of respondents said they always or mostly use the same password, despite being aware of the risks of doing so at the time of password creation.
  • There is a reluctance to change or amend a password in order to boost cybersecurity: 53% of respondents haven’t changed their password in the last 12 months even after hearing about a breach in the news. 

A password management solution can help individuals and businesses to avoid these security risks. Password managers include secure password generators that will create long, complex, and unique passwords for all accounts, and will autofill these passwords when a user visits a website where a password is needed. Passwords are stored in a secure vault, and are salted and encrypted. Multifactor authentication can also be enabled for added security. All that a user needs to do is set one strong, complex password for their password vault.


The importance of using a password manager with a good reputation is clearly emphasized by the revelations in the aforementioned report. If a cybercriminal is able to infiltrate your accounts and databases, they can do untold damage to your organization. You should choose a password manager with excellent security, and an open-source solution that has undergone independent code audits is a great choice. Bitwarden is one such solution that meets these requirements and should certainly be considered. 



Author: Maria Perez