ProtonBlog(new window)
password fatigue

Are you suffering from password fatigue? Here’s how to fix it

Share this page

Most people in the digital age have dozens, if not hundreds, of passwords, and keeping track of them is tiring, to say the least. If you’re suffering from password fatigue, you’ll be happy to know there’s an easy fix.

The short answer is that you should use a password manager, as they can not only take away the burden of keeping track of your passwords, they can also remove the security issues associated with password fatigue. Let’s go into specifics below.

What is password fatigue?

As the name suggests, password fatigue is the exhaustion you feel having to create and keep track of an ever-growing number of passwords. Almost every service and app requires a new account with a sufficiently secure password (one that has a minimum length and specific mix of special characters). 

The average internet user has hundreds of online accounts. Unsurprisingly, according to a study by Pew Research(new window) looking at Americans, as many as 69% of people are overwhelmed by all these passwords.

Additionally, some services require you to reset your password periodically. Others require two-factor authentication, which adds an extra step to access your account. And if you forget a password, having to reset it only adds to the frustration.

Password management is not an insignificant mental burden, so it’s no wonder that many people resort to shortcuts — at their risk, as we’ll see in the next section.

The security risks of password fatigue

Password fatigue leads to two common mistakes: writing down passwords and reusing the same password (or a slight variation) over and over. Both are dangerous and can result in data breaches, identity theft, and ultimately financial losses.

If you write down passwords, it’s very easy for others to access them. There’s no way to protect pen and paper information from being accessed other than hiding it. If you take your passwords with you, say, in a briefcase, there’s a risk of misplacing it. In your workplace, writing down passwords is a violation of most companies’ security policies and data protection laws.

Most people “solve” this problem by remembering their passwords. However, if you rely on memory to store all your passwords, that means you must choose something easy to recall. Anything easy to remember is usually easy to crack.

Hackers use powerful computer programs called brute force attacks to try to break troves of encrypted passwords. Short, simple passwords, and those containing standard words and symbols are easily revealed and sold on the dark web to criminals who steal your data.

Another issue with remembering passwords is that you’re likely to reuse your passwords, albeit with minor variations. A 2019 study by Google(new window) found that about 65% of people reuse their passwords for some, if not all, their accounts. Techradar(new window) did a similar study in 2022 and found that little had changed in three years, with 60% of its respondents reusing passwords.

When you reuse passwords, even with minor variations, you’re essentially doing a cybercriminal’s work for them. If one of your accounts gets hacked, the others with the same password are at risk. For example, the biggest cloud storage breach in history, the 2012 Dropbox hack, happened because an employee reusing their passwords(new window).

How you can combat password fatigue

Clearly, password fatigue affects more than just your quality of life, it can damage your cybersecurity. Oddly enough, there aren’t a lot of good alternatives to passwords: while there has been some experimentation with passwordless logins and even biometric identification(new window), all of them will run into issues when used in the real world.

A much better alternative are password managers(new window), apps that remember your passwords for you and autofill them as you browse the web. Using a password manager can cure your password fatigue within the space of a few minutes. No more scraps of paper and no more reusing passwords.

Your password manager will generate long, secure passwords(new window) for you and store them using high-end encryption(new window). They’ll be truly random and prove to be a practically impossible challenge for brute force attacks. The only thing you need to remember is a single master password. Passphrases(new window) come in handy here.

Most importantly, though, is that the best password managers are extremely easy to use. They run in the background, only popping up when a password needs to be created or filled in. They not only take away password stress, some password managers can also store your bank card details, identity documents, secure notes, and fill in one-time passcodes, like two-factor authentication(new window) codes and the like. 

What sets Proton Pass apart

We developed Proton Pass with these challenges in mind. It’s a small, lightweight app that runs in your browser or on your phone and alerts you when you need to create or fill out your passwords. Besides passwords, it also remembers bank card info, and you can even use it to store notes that you don’t want others to see — great for remembering your social security number, to name just one example.

Other handy features are a built-in 2FA authenticator as we identified two-factor authentication as an important way to significantly and easily improve your security. By directly integrating it, we can make sure everybody can benefit from it. There’s also a built-in password generator that creates truly random and unique passwords. 

There’s more than just the practical side of things that makes Proton Pass a great pick to fight password fatigue. As a company founded with privacy in mind, you can rest assured we take that side of things seriously, too. For one, all data we store is secured with end-to-end encryption(new window), meaning that at no point can anybody, not even us, access it. This makes scenarios like the Dropbox breach from earlier impossible.

Proton Pass is a great way to combat password fatigue, while also safeguarding your privacy. If feeling more secure while also contributing to our mission to improve the web sounds good to you, sign up for a free Proton Pass plan.

Protect your privacy with Proton
Create a free account

Share this page

Fergus O'Sullivan(new window)

Fergus has been a writer, journalist, and privacy advocate for close to a decade. In that time he has run investigations of the privacy industry, written on policy, and reviewed more programs and apps than you can shake a stick at. Before starting work at Proton, he worked for publications such as How-to Geek and Cloudwards, as well as helping host events at conferences like RightsCon.

Related articles

What is 3-2-1 backup
Data backup is vital for businesses and individuals alike: In case something happens to your primary computer, you always have a copy of your data to fall back on.  How should you approach backup, though? The 3-2-1 rule can act as a guide when decid
What was your first pet’s name? In what city were you born?  We’ve all had to answer these questions to reset a long-forgotten password, but consider how that works. Much of this information is easy to find for others (or easily forgotten by you), m
In the early days when Proton started, we often received a question along the lines of “I love the product and what Proton stands for, but how do I know you will still be around to protect my data 10 years from now?”  Ten years and 100 million accou
Credential stuffing is a popular type of cyberattack where attackers take login credentials and use them on thousands of websites, hoping to fraudulently gain access to people’s accounts. It’s an effective attack, but fortunately, one that’s easy to
With Skiff abruptly shutting down operations, many people are on the lookout for alternatives that don’t compromise on privacy — and won’t suddenly disappear. People were attracted to Skiff because it promised privacy, no ads, end-to-end encryption,
Skiff is dead. On Feb. 9, the email company Skiff announced it was being bought by Notion. Many Skiff customers have been shocked by this news, as their inboxes have been sold out from under them. Skiff gave people six months to export their data be