Page 61 - CMA Journal (May-June 2025)
Focus Section
From the descriptions alone, they may not seem that impactful or severe—unless we delve into some global statistics and facts.

Human Error Element
• 74% of all breaches involve human involvement, whether through error, privilege misuse, stolen credentials, or social engineering.
• Phishing remains a prevalent threat, accounting for 44% of social engineering incidents.
• More than 50% of social engineering incidents involve Business Email Compromise (BEC) attacks, in which criminals attempt to dupe a senior executive or budget holder into transferring money or disclosing sensitive information.

Password Statistics
• Globally, 78% of people admit to reusing the same passwords.
• Almost 24 billion usernames and passwords were reported as compromised in 2022 alone.
• 52% of people worldwide use the same password on at least three accounts.
• 44% of internet users rarely or never change their passwords.
• 34% of people use slight variations of the same password repeatedly (e.g., adding numbers or symbols to an old password).
• More than 36% of internet users write passwords down on paper.
• Only 15% use a password manager.
• 53% of IT professionals have shared passwords via email in plaintext.
• In 2023, the most common password was “123456.” It can be cracked in under a second.
• 88% of passwords used in successful attacks were 12 characters or fewer.
• 35% of victims of an account takeover enabled two-factor authentication afterward.
ICMA’s Chartered Management Accountant, May-June 2025 59