45% of organisations who only check for compromised passwords during expiry or reset events average only two checks for compromised passwords per year.

Only 50% of organisations scan for compromised passwords more than once a month.

Only 12% of organisations have moved away from using passwords as their primary method of authentication.

88% of organisations still use passwords as their primary method of authentication.