You're Getting Lazy With Your Passwords and Hackers Love It. CNET Survey Finds 49% of US Adults Have Risky Password Habits

It feels like I have a password for everything: my bank account, my Amazon Echo Show and even my Netflix app. With so many different devices and accounts, coming up with unique, strong passwords -- and remembering them -- can be overwhelming. It's tempting to get lazy and use the same password for multiple accounts. It's a relatable move, and it's one scammers are counting on. 

The risks of using old passwords or including personal information in a new one is a big risk to your data and identity. Repeating passwords could open the floodgates to hackers getting access to more than just your Netflix account. 

Yet CNET's latest survey shows that almost half of US adults (49%) have risky password habits and 24% admitted to using a password that's shared with another account. That's troubling to Attila Tomaschek, CNET software senior writer and digital security expert.  

"Reusing the same password across multiple accounts puts users at risk of getting their online accounts compromised through a credential stuffing attack," said Tomaschek. 

There's not one particular password formula that will guarantee your information is safeguarded. However, there are steps you can take to protect your password and data as best as possible.

Here are CNET's survey findings and what our experts recommend when creating or upgrading your password. 

Cole Kan/CNET

What password habits are putting us at risk? 

CNET's survey found the risky password habits US adults most commonly turn to include reusing a password across different accounts or using personal data as part of a password. While 24% said they use the same password for different accounts, 8% admitted to using a password that they know was compromised in a data breach. 

Cole Kan/CNET

Using personal data in your password may help you remember your login but it also makes it easier for hackers to access your account. 

"This is especially risky considering the wealth of information that many people share online through social media and other outlets," said Tomaschek. Creating a unique password for each account can minimize that risk. 

How to create a strong password without forgetting it 

Not all US adults have lazy password habits. CNET found that one-quarter (25%) of US adults go with randomly generated passwords when creating one, for example, from an online service or Internet browser. That's welcoming news to Tomascheck, who said this is one of the safest options. Randomly generated passwords are substantially more difficult to guess than a user-created password, Tomaschek said. 

"A good password generator will offer options for the user to customize the length of the password and whether numbers and symbols are incorporated," he said. "The longer and more complicated the generated password, the better."

However, a randomly generated password can be impossible to remember, so Tomaschek recommends using a password manager to store each of your unique passwords. CNET recommends Bitwarden as its top recommendation. 

Read more: No Password Manager? Learn How to Protect Your Online Accounts and Make Logging In Simple

The US Cybersecurity and Infrastructure Security Agency recommends making each password 16 characters or longer. Also, use a random mix of numbers, letters, special characters or words. If your password has been compromised, change it right away and keep an eye on any other accounts to make sure they're not impacted.