In order to report on how secure the average American’s password is, the research team conducted a survey of 1,210 US residents about the length and complexity of their passwords.

The survey collected 1,210 responses from US residents and was conducted December 29th, 2020 through January 2nd, 2021.  Respondents were 18 or older 52% of those surveyed were female and 48% were male. The survey did not ask for any passwords or personally identifiable information.

Key findings include:

  • 67.3% of survey respondents said their average password was equal to or less than eight characters long.
  • 7.8% of respondents said their average password was less than five characters long.
  • 19.3% of respondents said their average password was fifteen characters or more.
  • Adults younger than 25 and older than 55 were amongst the groups with the shortest passwords.

Most people don’t like thinking about having their personal information stolen through a hack or data breach. But people the research team surveyed over the past two weeks responded that their passwords are well short of security expert recommendations.

The majority (67.3%) of survey respondents said their password was below nine characters in length, with some even saying (7.8%) their passwords were four characters or less.

A recent study conducted by security firm Hive Systems found that passwords below ten characters in length could often end up hacked in under an hour (and this length of time is shrinking as computer hardware processing power improves); passwords that were at least 12 characters long, even if only lowercase letters, would take upwards of a year to crack, with passwords at least 15 characters long taking upwards of 1,000 years. Comparing their research with the survey data, the average U.S. resident’s password could be hacked in under an hour, with many more potentially being hacked instantly.

For more information, including detailed results, please visit