"24+ Billion Credentials Circulating on the Dark Web in 2022 -- So Far"

Security researchers at Digital Shadows Photon Research stated that passwordless technology might be one of the most hyped categories in cybersecurity at the moment, but the reality on the ground is that passwords are still widely entrenched and wildly insecure.  The researchers recently discovered that some 24.6 billion complete sets of usernames and passwords are currently circulating in cybercriminal marketplaces as of this year.  The researchers noted this number equates to four complete sets of credentials for every person on Earth and a 65% increase since the last time this study was conducted, in 2020.  The researchers noted that within the data set of credentials on the Dark Web, approximately 6.7 billion of the offerings had a unique pairing of username and password, indicating that the combination was not duplicated across databases.  That's 1.7 billion more than what researchers found in 2020.   Many of the passwords examined in these stolen data stores were not very secure in the first place.  The researchers stated that this is just one in a multitude of reasons why security advocates and technology-standards organizations have been pushing so hard for more usable passwordless technology across the globe.  According to a recent Dark Reading report, only 26% of IT decision-makers said they work in a passwordless organization, and 87% admitted they had at least one credential category that still depended on passwords. 

Dark Reading reports: "24+ Billion Credentials Circulating on the Dark Web in 2022 -- So Far"