Password manager usage has grown by 60% in the past year as Americans are now starting to appreciate the benefits that these tools provide. According to security.org survey data, in 2021, 22% of Americans said they used a password manager, but in 2023, the percentage increased to 34% with a further 10% of users saying they use a security passkey or other physical password device. While usage of password managers is growing, 56% of Americans are choosing not to use a password manager or physical password device and are instead using less secure methods for their passwords, such as relying on memory, writing passwords down, or storing passwords in a file on their computers. According to this year’s survey – conducted on 1,000 Americans – 41% of respondents said they relied on their memory for remembering passwords, and 25% of people save passwords on their devices in unencrypted files or notes.
Passwords need to be set for a huge number of online services and it is impossible for most people to be able to remember their passwords if password best practices are followed. Many people instead chose to use a small number of passwords and reuse them on multiple accounts. The problem with this approach is that if one password is compromised, all accounts that share that password can be accessed. A password manager allows users to generate a strong and unique password for all of their accounts and there is no requirement to remember them or type them in when they are needed. All users need to do is remember one password – the master password for their password vault. Password managers make password management simple and usually greatly improve password security and an increasing number of people are now realizing that.
Many password managers are available free of charge, yet there appears to be considerable apprehension about using these tools and a lack of trust in the ability of password manager providers to secure passwords. 39% of nonusers said they thought password managers were secure, 34% were unsure, and 28% thought they were unsafe; however, nonusers are instead relying on password practices that are far less secure, and in some cases incredibly risky. 21% of respondents said they rely on a few passwords that are reused on multiple accounts and 41% of respondents said they have memorized their passwords, which suggests they are also reusing passwords to some extent or are choosing passwords that are easy to remember… and therefore easy to guess.
While password managers can improve security, that is not necessarily the case. More than one in four users of password managers admitted to reusing their master password for other accounts. Worryingly the number of users that are doing this has been increasing, rising from 19% in 2021 to 25% in 2022 and 28% in 2023. This practice is incredibly risky as if the shared password is exposed in a third-party data breach, the password can be used to access all passwords in the user’s password vault. The survey showed that users who reused their master password elsewhere were more likely to have experienced identity theft.
Password managers are proving to be the most popular on mobile phones. 84% of password manager users said they use the tool on their phones, compared to 77% on laptops/desktops and 44% on tablets. The password management tools provided by Google and Apple are the most popular. These tools, which are provided on devices or browsers, are the most popular password management tools, accounting for around half of the U.S. password management market. Google has a 30% market share, Apple’s iCloud Keychain has 19%, LastPass has 10%, 1Password has 8% and Bitwarden has 7%. 63% of users use a free password management tool, 11% pay between $1 and $20 a year, and 12% pay between $21 and $40 a year.
The survey data shows that most users stick with the same password manager, indicating they are happy with the service or are at least happy enough not to go through the process of finding a new service and switching. Only one-quarter of password manager users said they switched providers in the past year, and the majority of those users switched from LastPass due to its data breach and how it was handled.