How Many Passwords Does The Average Person Have

How Many Passwords Does The Average Person Have in 2024?

How Many Passwords Does The Average Person Have in 2024?

Passwords have become the definition of life in the 21st century.

You can’t do anything without a password, from logging into your home computer to accessing your cell phone, or even checking your current account balance. 

How many passwords does the average person have in 2024?

Let’s find out.

How Many Passwords Does The Average Person Have in 2024?

There’s a password for everything.

In fact, assuming they are active on social media, the average person has approximately 100 passwords!

That’s the short answer to how many passwords does the average person have in 2024.

You’re probably not that surprised. Think of how many accounts you already have with passwords, such as Facebook, Twitter, and other social media sites.

Then, think of your bank, work password, loyalty cards, video conferencing calls, and even a password for every app you decide to download.

It doesn’t matter if you never use them again!

Of course, in a perfect world, every one of those passwords would be different.

Unfortunately, we don’t live in a perfect world. 

The Origins Of Passwords

Passwords may have been used in a variety of settings but their use has gone global in the last twenty years. 

The first digital password was created in the 1960s.

It was after the Compatible Time Sharing System was invented by the Institute of Technology in Massachusetts. 

Because multiple people could access the same system, each person needed to be able to securely log in without others tampering with their input. The password was born!

Of course, the first mass-market computer didn’t appear until the 1970s and it wasn’t until the 1990s that passwords were seen as necessities. 

Today, there is an abundance of passwords, more than you can remember. 

Why Every Password Should Be Unique

Passwords 823

Most people will find it impossible to remember 100 unique passwords.

That leaves you with two options:

  1. Memorize one password and use it for multiple accounts
  2. Write them all down

It seems logical. However, with the increase in internet usage, there has also been an increase in cybercrimes.

In other words, criminals are trying to hack passwords and steal your money as well as personal information. 

Writing all your passwords down, whether online or offline, makes it easy for criminals.

They just need to access your list and can get into any of your accounts. 

Equally, using the same password across multiple accounts means, if one account is hacked, the criminals will have access to multiple accounts. 

Creating a unique password for each account ensures that if one password is cracked only one of your accounts is in danger.

That can save you a lot of money and hassle. 

Before assuming your account won’t be targeted, consider this, 30,000 websites are hacked daily.

According to a 2019 Breach Security study, one million passwords are stolen weekly.

You can break this down further:

  • 81% of data breaches are a result of weak passwords which have been hacked
  • 80% of hacks are due to users reusing passwords across several accounts
  • 27% of hackers have tried to guess passwords
  • Alarmingly, 17% of hackers succeeded in guessing stranger’s passwords
  • 99.9% of attacks are blocked by dual-factor authentication

In short, hackers and cybercriminals are looking for your passwords. It’s only a matter of time before they find them.

Most Commonly Used Passwords

Passwords 814

It may surprise you to learn that some passwords are used by multiple different users, even when they have no connection to each other.

Unfortunately, if you’re using one of the most common passwords, it will take moments for a hacker to find you and break into your account. 

Here are the most commonly used passwords, leaving your account ready to be hacked. 


Since password rules have changed many people moved from ‘password’ to ‘Password’, and then to ‘Password1’ followed by ‘Password1?’

The problem is, this is one of the first things a hacker will try and your account will quickly be exposed. 


When a numerical pattern is requested it is simple to create a password using numbers in sequence.

The only variant is how long the password needs to be, usually between five and ten characters. 


Another common approach to numerical passwords is to pick one number and use just that in the password, such as ‘111111’. It’s a dangerous precedent. 


Because you need to remember passwords another simple solution people use is letters easily read from the keyboard or even a book.

Qwerty is one of the best-known examples of this as it is easy to remember and random. 

Unfortunately, because it is so common it will be easily guessed. 

Creating Strong Passwords

Passwords 409 1

Strong passwords are unique. That means every one of your accounts has a different password.

However, to make passwords really strong there are several other things you need to do. 


Most systems and apps will tell you how long a password needs to be and the maximum length it can be.

That helps but you should ensure every password you have is at least 12 characters long. 

That makes it far harder to crack than an eight-character password.

The harder it is, the longer it will take to hack, and the more likely it is they will target someone else.


There is a big difference between 12 letters and a password consisting of 12 different characters.

Strong passwords contain upper and lower case letters, numbers, and special characters. 

This makes them much harder to crack, even by password-cracking software. 


You already know a password should be unique.

What you may not realize is that it should have no connection to you. 

Related:  30 Landing Page Statistics for 2024 (New Data!)

Instead of thinking of your favorite hobby or something similar, and turning that into a password, you should choose random letters, numbers, and characters.

Cybercriminals look at your social profiles to find out about your hobbies and other things that can give them clues regarding your password.

This approach is referred to as Social Engineering. 

It’s not something you want to make easy for anyone. 

Dual-Factor Authentication

Dual-factor authentication is when you get sent a code by SMS or email before you can complete logging into any account.

It’s not completely foolproof as criminals can get hold of your phone or even hack your email account

However, in most cases, using dual-factor authentication renders it impossible for a hacker to get into your account, even if they get the password. 

You should turn on dual-factor authentication on any account that offers the service. 

Naturally, every account should have a different password, this dramatically reduces the risk associated with password theft. 

How To Make Passwords Simpler

Passwords need to be long and a complicated array of letters, numbers, and special characters.

This is the best way to make sure they are not hacked and effectively makes it impossible to remember them all. 

Fortunately, you don’t need to.

The most efficient and safest option currently available is to use a reputable password manager.

This is effectively a spreadsheet where you list your username and password for each account. 

The data is encrypted and only accessible to the keyholder.

To access the encrypted data you’ll need the password. You can make this password as complicated as you wish, it’s the only one you need to remember.

The password is also encrypted and is stored locally, that means it is on your device.

This makes it virtually impossible for anyone to find it and steal it. 

The majority of reputable password managers don’t just allow you to store passwords, they also generate them.

Simply click on the password generator and you’ll be given a password.

It is possible to create custom settings, determining the length of the password and what types of characters are used. 

Passwords generated in this way have no connection to you or your hobbies, making them much harder to hack. 

If you’re looking for a good password manager we can recommend NordPass

Be Prepared For Password Attacks

Even when you’ve strengthened your passwords you can still be a victim of password theft.

However, if you have a strong password the theft is most likely to be because you have inadvertently given it to the hacker. 

Phishing Attacks

You should note that 300 billion phishing emails are sent out across the globe daily.

Not all of these work, being aware of what a phishing email is will help to protect your passwords and associated accounts. 

A phishing email is one that you receive which appears to come from a reputable source, such as a bank or even a friend. The email will voice concern.

For example, if it appears to be from the bank it will state there may be an issue with the security of your bank account. To remedy the issue you simply need to log in. 

If you believe the email to be genuine you’ll click on the provided link and be taken to your account login page.

You then enter your details to check your account.

Unfortunately, the email is a phishing email and the link takes you to a page that looks like your regular login, but isn’t.

In short, you’ve just given the hackers your username and password. You may not even realize you’ve done it. 

To prevent being duped by a phishing email, never click on links in emails.

Instead, go to your account by inputting the site address into your browser manually.  

If you do suspect a data breach has happened, contact the relevant accounts immediately and advise them.

You should also change the passwords on all your accounts, whether you think they have been breached or not.

Alongside this, change your passwords at least once every 3-6 months, it will reduce the likelihood of them being attacked.

Just remember not to reuse old passwords

It will make you better prepared than others:

  • 44% of people never change their passwords
  • 34% of people repeat a password every month
  • Just 15% of people change their passwords several times a week

Social Engineering

We’ve already mentioned social engineering and it won’t be possible for hackers to find out your password this way if you use a password generator. 

However, if you choose a password yourself it will be based on the activities currently occurring in your life.

Cybercriminals use social engineering to find out likely password options. 

They can look through any publicly available information, that’s on social media accounts, online phone directories, and even business records.

They can also obtain details from data brokers who specialize in finding information on the web and creating user profiles. 

Using unique passwords, generated by a tool, means that hackers can’t use social engineering to get into your account.

However, they can use it to extort you by claiming they have information on you that you don’t want to be released. 

Think about that when looking at your social media accounts and choosing your security and privacy settings.

Summing Up

Passwords are here to stay for the foreseeable future.

That means the answer to how many passwords the average person has in 2024 is likely to be less than the number next year.

Research suggests that the number of passwords used by the average person in 2019 was 75, illustrating how many more are needed today. 

Passwords are designed to protect your accounts.

Unfortunately, they are also the weakest link as they can be guessed. 

The simplest way to make sure yours isn’t guessed is to follow the guidelines above and create strong passwords.

Combine this with a password manager and you’ll strengthen your online security and privacy. 

That will help until fingerprint and face recognition become the norm.

It also means you only have one complicated password to remember.

That’s easier than you may think it is. 


FinancesOnlineLogin RadiusTech
Written by Kelly Indah
I’m the editor at Increditools and a dedicated cybersecurity expert with a robust technical background. With over a decade’s experience in the tech industry, I have worn many hats, from software developer to security analyst.