(© jamdesign -

NEW YORK — The average American thinks they can hack their significant other’s devices in just five attempts. A new study asked 2,000 Americans about their password habits and found many respondents think they know their partner’s password habits – perhaps a little too well.

Respondents also shared they have four “go-to” passwords themselves – with 31 percent saying these passwords are just different variations of the same password, with these respondents just adding on additional punctuation or numbers. Even so, 79 percent have six or fewer go-to passwords.

Although Americans think they could guess their significant other’s password in five tries – they don’t have as much patience for guessing their own. It only takes three failed password attempts before respondents abandon trying to log in to an account.

Honey, what’s my password again?

Conducted by OnePoll on behalf of Prove, the survey found this password abandonment might be due to the sheer frustration that comes along with signing up to use a service. In fact, 18 percent say they “always” get frustrated when they have to create a new account, for retail, banking, healthcare, and other purposes.

On top of that, another 65 percent either “often” or “sometimes” feel frustrated by the process. On average, respondents believe it should take about 33 seconds to create a new account online, but almost half (45%) will cap it at 30 seconds or less. A further 76 percent say they’ll only make an account if it’s something they’re going to use more than once.

The average respondent has six online accounts they’ve never even used because they didn’t need to use it again (46%), lost interest in the service (43%), or forgot their password (39%).


“The internet wasn’t built with security in mind and so as consumers, we all experience how tedious passwords and two-factor security can be. Screw up your password entry a few times, and now you are locked out and spending 20 minutes with a call center agent to fix things. It’s just a broken model held together with duct tape,” says Rodger Desai, CEO & Founder of Prove, in a statement. “Businesses that modernize their digital channels by removing the friction caused by antiquated security, will take all the market share. Consumers flock to businesses that respect their time and keep them secure without hassle. In our view, the winners in the digital economy will be those that kill the password.”

Signing in with your face?

More than one in five (22%) have been the victim of identity fraud and another 36 percent know someone who has. Respondents identified the top security red flags that come to mind when they’re making a new account online – with asking too many personal questions topping the list (48%).

Other security red flags include the lack of a follow-up email confirming the creation of the account (43%), a weak data privacy policy (39%), and a lack of security questions (39%). Three-quarters of respondents avoid saving their banking or credit card information on online accounts and profiles.

Just over seven in 10 respondents (72%) believe that having a simpler sign-in process with facial recognition is more convenient and user-friendly than creating new profiles and passwords. Three-quarters also agree biometric authentication is more secure overall than a traditional password and 64 percent think authentication through their phone is more convenient.

“As we have all seen, the security that online businesses use is overly tedious and yet, not very secure,” Desai adds. “The bottom line for consumers? Complicated doesn’t mean secure. The solution is actually sitting in the pocket of most adults – their cell phone. Your phone is by far the most secure, accurate and frictionless way to prove identity – and our survey demonstrates that consumers would prefer the convenience of the phone in their pocket.”

About Chris Melore

Chris Melore has been a writer, researcher, editor, and producer in the New York-area since 2006. He won a local Emmy award for his work in sports television in 2011.

Our Editorial Process

StudyFinds publishes digestible, agenda-free, transparent research summaries that are intended to inform the reader as well as stir civil, educated debate. We do not agree nor disagree with any of the studies we post, rather, we encourage our readers to debate the veracity of the findings themselves. All articles published on StudyFinds are vetted by our editors prior to publication and include links back to the source or corresponding journal article, if possible.

Our Editorial Team

Steve Fink


Chris Melore


Sophia Naughton

Associate Editor

1 Comment

  1. R Clary says:

    My wife could easily guess my banking or social media passwords, but not special passwords for certain websites with high level encryption – [Pornhub, XVideos, xHamster].

    The CIA would not crack those codes!