I've heard warnings over and over that using the same password in multiple locations is a fundamental sin, but many still do Even more worrisome is that a new survey shows that millions of people seem to use duplicate passwords for VPNs It's an absolute no-no 

The results of a survey by Swedish password manager and authentication provider Specops show that many users of the top VPN providers have compromised their passwords Even if you have one of the best VPNs in the world, using a duplicate password is similar to having a castle that is almost invulnerable and leaving your back door unlocked1 

Accessing the credentials of a VPN account allows hackers to disable all the protection they get from using an encrypted connection, plant malware from a restricted network that is only accessible with a VPN, or steal sensitive data Given that a lot of VPNs are being used on computers at work, it can be a nightmare 

The study reveals that over 1 million VPN passwords have been compromised over the past 200 years, with the largest number of passwords coming from consumers' top VPN providers This makes sense, it is much easier to steal passwords through keyloggers, etc than to hack the most secure VPN service itself

Of course, the best way to stop this kind of cheating is to use a secure password and one of the best password managers, but sadly, people still don't seem to be1A 2024 Google poll found that 52% of Americans use the same password in multiple locations 

Of the more than 2,000,000 passwords stolen, the most popular were the usual suspects More than 5,000 people used "123456", but the next popular five passwords were also made up of perfectly contiguous numeric strings As many as 554 people voted that this review was helpful  As mentioned earlier, some large VPN providers had a lot of users whose passwords were compromised It makes sense as a larger customer base makes for a target-rich environment 

Of the 210 million VPN passwords compromised, a huge 130 million came from Proton VPN, with 98,000 from ExpressVPN and 89,000 from NordVPN But, as I mentioned, that's not to say that these services are not secure In fact, it is the comments on the security of these services that the hacker is preying on is the human element (the choice of password) 

So why is Proton VPN the most representative provider on the list of victims? Well, that's because it offers 1 of the best free VPNs and offers a large number of users 

In short, this research shows that no matter how effective your privacy software is, it doesn't make any sense if you're not using a unique password