Marcio Jose Sanchez, AP
The new iPhone X is displayed in the showroom after the new product announcement at the Steve Jobs Theater on the new Apple campus on Tuesday, Sept. 12, 2017, in Cupertino, Calif. (AP Photo/Marcio Jose Sanchez)

A new report from the EPC Group, an innovation and consulting firm, found that 11 percent of Americans have used the same password for seven or more years. In fact, only 37.5 percent of Americans switch their password when a website requires them to do so.

People struggle to remember their passwords. The report found that people in the South were five times more likely than those in the Midwest to need four or more attempts at writing their password.

There’s a gender difference, too. Men are 2.8 times more likely than women to actually use the word “password” in their password.

“We all know that the worst password you could possibly have is ‘password.’ With that said, men seem to have a strong preference for this unsecure word, featuring it in their passwords more than women. Women on the other hand are more wordy with their passwords and like to include the names of their significant other,” according to the report.

People tend to include sports teams in their password, too. The study found that Western states are 2.2 times more likely than those in the Northeast to add a sports team to their password.

So where do people store their passwords? Forty-three percent said they write their password on a list near their computer, while 36 percent said they locked their password in a safe. Thirteen percent will put their password on a protected computer document and 8 percent will leave it in an open document on their computer.

Millennials are more likely than baby boomers to write their password on a list on their smartphone.

The report found that people tend to share their passwords with others when using streaming service apps like Netflix. Trusting people with your password is a risky business, the report said.

Password security is an important issue in the age of hacking. Numerous companies over the last few years have been hacked, including Equifax, Yahoo and Uber.

As Mashable reported, Google revealed this week that almost 25,000 passwords are swiped per week. Most passwords are stolen within two days of their creation because of email phishing and third-party websites breaching the system.

Google anti-abuse researcher Kurt Thomas told Mashable this is a troubling issue because of what passwords represent.

2 comments on this story

"It's the key to the kingdom," Thomas said. "Accounts are incredibly valuable to hijackers. There's an incredible effort they’re putting into getting access to your email."

Thomas said it’s important to use different passwords for various websites. Password manager apps can also protect your passwords. It doesn’t hurt to have a phone number associated with your account so you can verify your password.

Thomas is a little pessimistic about the future of passwords, though.

"Passwords are no longer a paradigm that you can really trust in," Thomas said.