Tell me where you live and I will tell your P@ssw0rd: Understanding the macrosocial factors influencing password’s strength

Back to the list of Speakers and Sessions
Watch the stream
There are many ways to attack organizations, and credential stuffing is one of these. Depending on the strength of users’ passwords, crackers can decrypt passwords in a matter of seconds, hours or they may never succeed. Even if there was a significant advancement in attackers' abilities to perform password cracking, passwords remain the dominant authentication method not replaced but merely augmented by multi-factor authentication (MFA). The knowledge about passwords’ use must be deepened in order to respond to the protection needs of cybersecurity clients and adapting to specific aspect of their reality. Adopting a macrosocial approach, the present study explores different factors influencing passwords’ quality. We combined NorthPass’s list of the 200 most common passwords in 49 different countries to several other databases of country’s social and economic indicators like GDP, mean education level, amount of data breaches experienced in the country, etc.

The results reveal that a higher literacy level is associated with higher passwords’ quality. Also, the number of Internet users is inversely associated with password quality which indicates that living in a highly connected country is not a factor that increase information’s protection. The study participates in the understanding of macrosocial protection’s factors in order to adapt password lists.