eco Survey: Is the Password Soon to be Obsolete? One in Three Already Uses New Authentication Methods
- 74 per cent of Germans consider their online passwords to be (very) secure
- At the same time, many are already using additional security measures such as two-factor authentication (39 per cent) or passkeys (32 per cent)
- eco recommends strengthening passwordless methods instead of relying on increasingly complex passwords
Cologne, 7 May 2026 – The majority of Germans have confidence in the security of their own online passwords. At the same time, a clear trend is emerging: the traditional password is increasingly losing its role as the sole security mechanism. This is confirmed by a recent, nationally representative YouGov survey commissioned by eco – Association of the Internet Industry.
Around three quarters of respondents (74 per cent) rate their password security as fairly or very high. Only 19 per cent consider their passwords as insecure. At the same time, however, many users have long since turned to additional security measures: where possible, 39 per cent enable two-factor authentication, 32 per cent use passwordless methods such as passkeys or biometric logins, and 24 per cent rely on password managers.
As long as passwords remain in use, Prof. Norbert Pohlmann, Board Member for IT Security at the eco Association, also strongly recommends a password manager: “Password managers suggest secure passwords and then make them available in encrypted form across different devices; users only need to remember one strong master password.”
Between progress and habit
Despite this development, traditional, and in some cases insecure, behaviours remain widespread. Overall, 37 per cent of respondents still write down some of their passwords, 21 per cent store some of them in their browser, and 18 per cent still use the same password for multiple online services.
“The coexistence of increasingly capable IT security solutions and outdated habits shows that we are in a transitional phase,” says Prof. Pohlmann. “Trust in one’s own password remains high, but in practice many users no longer rely on it exclusively. We are observing a gradual shift towards more modern authentication methods that increasingly complement or replace the password.”
The shift is particularly pronounced among younger user groups. In Generation Z (aged 18–29), 41 per cent already use passwordless login methods such as passkeys – significantly more than in older generations.
According to Prof. Pohlmann, given the growing number of online accounts, it is unrealistic to expect anyone to remember all their passwords. The temptation to reuse the same password for multiple accounts (18 per cent of respondents, according to the survey) or to note down the various passwords near the devices being used is simply too great. Prof. Pohlmann describes the password-only method as the least secure way to authenticate oneself and a major gateway for ransomware attacks.
The human factor remains the greatest risk
Against the backdrop of increasing computing power and new technologies such as quantum computing, traditional passwords are becoming increasingly easy to crack. However, from eco’s perspective, a key problem lies less in the technical strength of passwords and more in how they are handled.
“In many cases, passwords are not actually ‘hacked’, but voluntarily disclosed by users who fall victim to phishing – the targeted theft of login credentials through fake websites or emails,” explains Prof. Pohlmann.
eco recommends a change of strategy: passwordless instead of changing passwords
Tip 1: Use passwordless methods
Where possible, opt for passkeys or biometric logins. These are not only more secure, but also more convenient than traditional passwords.
Tip 2: Enable two-factor authentication
An additional factor significantly increases security and provides protection even if login details have been compromised.
Tip 3: Recognise and avoid phishing
Be on the lookout for suspicious emails and websites. Only enter login credentials on trusted platforms and carefully verify senders and URLs.
About the survey
The data from this survey is based on online interviews with members of the YouGov panel who gave prior consent to participate. A total of 2,134 people were surveyed for this poll between 28 and 29 April 2026. The survey was quota-weighted by age, gender, education, region, residential area, voting behaviour and political interest, and the results were subsequently weighted accordingly. The results are representative of the resident population in Germany aged 18 and over.
