Skip to main content
IAM vs. CIAM CIAM Buyer's Guide Contact Us
Janrain respects your privacy and will treat the personal data you choose to share with us in accordance with our privacy policy.

The Trouble with Passwords and Data Security

By Gina Rau | Posted on May 20, 2013

Blog Banner

For years, information security experts have emphasized the importance of practicing good password hygiene—that is, using a unique and unguessable password for every individual site on which registration is required. But online users are human, and password reuse happens a lot more frequently than security professionals would ever like to admit. In fact, a 2011 analysis by Troy Hunt, using real data from accounts that were compromised at Sony and Gawker in 2010, revealed that 67% of users registered at both Gawker and an affected Sony site used the same password at both sites. People who registered at two separate Sony sites reused the same password 92% of the time. And it’s hard to blame them, as the task of remembering “strong” and unique passwords across the number of sites where your users are registered is nearly impossible.

The net result of this issue is that even if you believe you have impenetrable defenses against hackers, your users and your data are vulnerable if a completely different site is hacked, due to password reuse/fatigue. Furthermore, it’s a rare company that truly has an impenetrable defense against hackers.

In addition to security issues, traditional registration on a site also comes along with increased costs. There is a cost to securing and encrypting registration data to prevent the kind of security breaches that have become all too common, but there are support costs, as well. Anyone running a site that requires users to sign in knows that the number one driver of customer support calls is users who can’t remember their credentials. In fact, Forrester has reported that password reset requests comprise 20-50% of the customer support volume for an online business, at an average cost of $70 per password-related support request. Ironically, the very reason why these users can’t sign in is often because they were practicing good password hygiene and can’t remember their secure passwords.


60% of online users have more than 5 unique passwords they have to remember.

There are hidden costs related to traditional registration, as well. In a study commissioned by Janrain, nine out of ten people admitted to having left a website when they could not remember the username or password they had registered there, costing companies customers and potential revenue.


50% of online users dislike the idea of creating new usernames and passwords.

Thankfully, there is a simple solution to these problems, and that is social login—enabling your users to register and sign in using the well-established identities they have already created at sites like Facebook, Twitter, Google, and Yahoo!. Not only can you eliminate the need for site visitors to create yet another account with a username and password that they are likely to forget, you can rest assured that they will still be able to get access to an email address for future marketing efforts.

email address networks

List of networks that provide a verified email address via social login.

The concept of password hassle, or Password Fatigue Syndrome, really resonates with people when you stop to think about how many passwords you have and use on a daily basis. Can you relate to some of the responses in this Harris Interactive study?


40% of online visitors would rather scrub a toilet than create a new password.

Popular Posts

About the author

Gina Rau

Gina Rau

Marketing Communications Manager

With almost 20 years of marketing success, Gina is a brand engagement specialist who seeks out creative solutions for every marketing challenge. Her work has delivered results for leading brands like Whole Foods, McDonald’s, Taco Bell, JCPenney, Tillamook Creamery and more. At Janrain, she leads the charge to make sure our company, products and services shine through our messaging and content.

View all posts by Gina Rau