Skip to main content

A look at Password Health Scores around the world in 2022

four photos of people using technology in different parts of the world

Report: A Global Look at Password Health

Here’s a snapshot of global cybersecurity habits based on Dashlane’s unique algorithm—the Password Health Score.

Passwords are often the weak link in an organization’s or individual’s cybersecurity—in fact, for Basic Web Application Attacks (BWAA), over 80% of breaches can be attributed to stolen credentials.1 The average internet user has 240 online accounts that require a password. With the number of online accounts per person growing each year, it’s essential to include password security as part of your cybersecurity plan to protect yourself and your business from cybersecurity incidents and bad actors.

Our report measures the levels of password health by region to share the first-ever look at the global state of password security. With a strong emphasis on data privacy and fair reporting, here’s where each region stands as of 2022.

According to our findings, nearly 20% of passwords are compromised in North America, and globally, 51% of passwords are reused.2

globe icon

To see your own score, download Dashlane for free. For more information, check out our in-depth explanation on what a Password Health Score is and why it’s important.

What we found

We found that the average Password Health Score for all of the regions was between 69 and 77, which means all regions fit within the “Needs Improvement” range. Let’s zoom in to see how each region measures up.

Password Health Scores by region

Map of password health scores by region
RankingRegionAverage Password Health Score
1Eastern Europe76.4
2Northern Europe74.3
3Western Europe73.4
4Central America73.0
5Southern & Eastern Africa72.3
6South-Eastern Asia72.2
7Eastern Asia72.1
8South America72.0
9Middle East & Central Asia71.5
10Oceania71.4
11Southern Europe71.4
12Southern Asia71.1
13Northern & Western Africa70.8
14Northern America69.1

Password Health Scores explained

example of password health score

Dashlane created the Password Health Score methodology to help users measure the state of their password security, improve upon weaknesses, and monitor their progress over time. Dashlane identifies vulnerabilities, prioritizes your most critical accounts (like banking, email, and social media), and gives you quick tips on securing your safety gaps.

An ideal Password Health Score—for both individuals and organizations—is above 90.

Dashlane generates Password Health Scores using an algorithm that works silently in the background of each user’s Dashlane account. It understands and reports where your weaknesses and strengths lie, login-wise, by using four key metrics:

woman using laptop with elbow on table

# of compromised passwords

If a password is impacted by a public or private data breach or found on the dark web using our Dark Web Monitoring tool, it’s compromised. We also dock points for passwords that are similar to any compromised passwords.

# of reused passwords

A reused password is the same or similar to a password from a different account. If one account gets breached, all of your accounts with that same password are at risk. The more reused passwords, the lower your Password Health Score.

Password strength

We measure individual password strength using the zxcvbn score, which is the methodology behind most password strength meters you see when you create a password for a new account.

Excluded passwords

Our dashboard includes a separate tab for passwords that can be excluded from the Password Health Score but still be stored securely. This is because not all passwords are a good measure of password health. Some logins have tight restrictions that are out of the user’s control, such as smartphone passcodes or WiFi passwords.

A checklist for improving your password health

check icon

Adopt a password manager.

To fully understand your password health, you need a password manager like Dashlane to audit your logins and show you where your password vulnerabilities lie.

check icon

Replace passwords that have been reused or compromised.

Use our in-app password manager to identify reused or compromised passwords and replace them with new, strong, and unique ones using our Password Generator. Dashlane shows you exactly which accounts are at risk.

check icon

Create a culture of security.

Whether you’re at your office or in your home, take ownership of your privacy by creating a culture of security awareness. Enable yourself and the people around you to make smart decisions about their data using the right tools and methods.

check icon

Use tools that make cybersecurity simple.

Make the best of your password manager by employing systems like 2-factor authentication (2FA) and single sign-on (SSO) to make the login process safe and simple for everyone.

Research methodology

For the creation of this report, regional scores have been computed using anonymous data from both Dashlane business and personal users.

For each region, we computed the average and the median Password Health Score among the thousands of users in that region.

Together with the hundreds of millions of data points, several factors went into consideration to reduce bias in the results.

For example, we have excluded users who created their accounts recently since they may have imported several passwords that they have not secured yet. However, this doesn’t make any difference in the results.

We included all countries of the world and grouped them into key regions. We created regions populated by high enough volumes of Dashlane users so that we can ensure proper sampling of the population. For example, having a significant enough volume of users in each region enables us to reduce bias so that we ensure a consistent breakdown of B2B/B2C users across regions.

In the analysis, together with the median and average, we looked at the distribution of security scores across regions, for example, the share of users with a score above 80 in Northern Europe vs. other regions. These more granular numbers told us the same story of nuances of security across regions. In the end, we picked the average as the best compromise between relevancy and readability.

Analyzing the components of the score, we found that the amount of password reuse and password weakness is fairly similar across the world. On the other hand, the number of compromised passwords varies greatly and plays a big role in the differences we observe between regions.

Privacy & security

Dashlane did not collect “personal data” from its users in creating this report.

As used in our Privacy Policy, “Personal Data” means information that, either alone or when combined with other information we hold, identifies an individual, such as name, mailing address, email address, IP address, or telephone number.

The data in this report is “anonymous data” aggregated using IP address information without the last four digits to determine location. “Anonymous Data” means data that, alone or combined with other information available to us or a third party with whom the data is shared, does not permit the identification of an individual.

Because of our zero-knowledge architecture, we do not and cannot know what information users store on the Services (“Secured Data”).
To learn more about our privacy practices, visit Dashlane’s Privacy Policy.

Resources

  1. Verizon’s 2022 Data Breach Investigations Report, 2022
  2. A Global Look At Password Health, Dashlane, 2022

Dashlane’s Password Health Score feature is available across all plans. Learn more about how you can use it to improve your password security how you can use it to improve your password security.