Forget about the question of do you use a secure password manager, how about when was the last time you changed your passwords? If you’re a millennial, chances are you haven’t changed them at all this year, if ever, and if you have you reused old passwords so you wouldn’t have to remember a new one. Security experts tell us to make sure we change our passwords regularly, never reuse old passwords, and make our passwords as strong as possible in addition to being completely different for each account we have on the web. Unfortunately that just doesn’t happen, and it’s leaving us open to security risks.

Humans are the weakest link in the information security game, so that’s why hackers often target people instead of websites. Why hack a site when you can just hack a person? It’s often a lot easier that way. If a hacker gets your password for one website, chances are he will be able to gain access to your accounts across multiple websites – 61% of people use the same password across multiple websites. Perhaps the most surprising is that millennials, those digital natives who grew up in a technologically advanced world, are the most likely to reuse their passwords – 76% of millennials admit to reusing passwords!

Less than half of Americans change their passwords at least once a year, the minimum recommended amount of time you should go between password changes. It’s particularly shocking since 20% of Americans online have experienced some sort of account compromise. The vast majority of passwords people use are weak to very weak, and when you add this to the reuse problem it can add up to a disaster pretty quickly.

One of the biggest problems people face is password overload. How many online accounts do you currently have? Too many to count, right? Chances are you can’t remember all those passwords, either – 70% of people have ten or more password protected accounts out there in the web. Perhaps even more shocking is the fact that in the United States the average email address is associated with more than 130 accounts. How many email addresses do you have? Now do the math. There’s no way you remember that many secure, unique passwords.

Many people store passwords in a place that is written down, either physically or on their computer or mobile device. Currently only about 30% of people use a secure password manager. Learn more about password hygiene from this infographic – how can you improve your password game?

Password Security Habits Infographic by Digital Guardian secure password manager