Yesterday, was World Password Day, and at Starting Point we marked it by launching our new free learner guide designed to help people better understand passwords, passkeys and online security.
You can access the guide here:
Free Learner Guide: Passwords and Passkeys
Today’s session focused on something many people know they should use, but often avoid: password managers.
What quickly became clear was that for many learners, password habits are built around fear of forgetting rather than confidence in staying secure.
Only a handful of learners and volunteers said they currently use a password manager. Most rely on notebooks, scraps of paper, or memory. One learner shared that she had never changed the password to her main Gmail account. When someone checked, she discovered it had last been updated in 2015. Others couldn’t even remember setting up their email password in the first place.
These conversations matter because email accounts are often the “master key” to somebody’s digital life. If an attacker gains access to an email account, they can often reset passwords for banking, shopping, benefits, social media and healthcare services.
As part of the session, we explored password checking tools and data breach websites together. For many learners, this was the first time they had seen just how exposed reused or weak passwords can become after a data breach. It sparked honest conversations about trust, convenience and fear, particularly the fear of losing access to important accounts.
Research suggests these worries are incredibly common. Studies on older adults and password habits found that many people feel overwhelmed by the number of passwords they are expected to manage, leading them to create their own coping strategies, including writing passwords down or reusing the same ones across multiple services.
And they are far from alone.
Recent cybersecurity reports continue to show widespread password reuse despite years of awareness campaigns. One 2025 report estimated that 80–85% of people still reuse passwords across accounts, while another found that 84% of people admit to reusing passwords on multiple sites.
What we see in community sessions reflects this perfectly. People are not ignoring security advice because they do not care. Often, they are trying to balance security with practicality, memory, stress and accessibility.
During the session, we explored built-in password management tools including Google Password Manager and Apple Passwords, alongside dedicated services such as NordPass. Learners were particularly interested in the idea that a password manager can generate and remember strong passwords for them, reducing the pressure to remember dozens of logins themselves.
We also introduced two-factor authentication and authenticator apps, discussing how they provide an extra layer of protection even if a password is compromised. For many, this was a completely new concept, but one that immediately made sense once explained in plain language.
What stood out most was not the technology itself, but the confidence shift that happens when people understand why these tools exist and how they can fit into everyday life.
Cybersecurity conversations can sometimes feel designed for people already comfortable online. But in reality, digital safety is now part of daily living. Applying for benefits, accessing healthcare, communicating with schools, managing finances and keeping in touch with family all rely on secure online access.
Supporting people to thrive online means helping them feel safe online too.
And sometimes that starts with a simple question:
“When was the last time you changed your email password?”