More than three billion user credentials and passwords were stolen in 2016, according to a new report from Thycotic and Cybersecuirty Ventures. That breaks down to 8.2 million passwords stolen every day and approximately 95 passwords stolen every second.
But that’s just a drop in the bucket compared to what we have to look forward to: The report estimates 300 billion passwords will be at risk by 2020. The resulting damage will cost $6 trillion by 2021.
"Our passwords are not safe, which is concerning as they are literally the key to some of the most important information that businesses hold," said Joseph Carson of Thycotic.
Thycotic and Cybersecuirty Ventures used data analysis to come up with their predictions, and freely admit there is a margin of error associated with them. Either way, the message is clear: the password attack surface will grow significantly over the next several years.
Privileged account passwords are especially concerning, according to the report, because one privileged account password breach can allow a hacker to infiltrate an entire company.
Until a better approach to password security materializes, education to ensure employees are using more secure passwords is critical. A recent Keeper Security found the most common password of 2016 was "123456."