The strongest passwords and strictest password rules are not very helpful if your online service provider leaks your login credentials due to a misconfiguration on their servers.

If you think such an eventuality is rare, know that many of the largest data breaches in 2021 were due to technical pitfalls by the service providers. In December 2021, cybersecurity experts even helped to close such a misconfiguration in the S3 bucket of Amazon Web Services, owned by Sega. This bucket contained all kinds of sensitive information, including passwords.

“Passwords need to become a thing of the past and we need to find other ways to log into accounts,” Saryu Nayyar, CEO of security vendor Gurucul, told Lifewire via email.

In December, The Sun reported that the UK's National Crime Agency (NCA) had provided more than 500 million passwords to the popular service Have I Been Pwned (HIBP), which were discovered during an investigation.