More than half of Internet users create accounts only to forget them, according to new research by NordPass.

A massive 64% of those surveyed don’t remember all the accounts they’ve created. What’s more, 52% of users have accounts they cannot access because they have lost or forgotten the passwords.

This is not only an inconvenience for users, as they can’t remember the passwords when they actually need them, but is also a serious cybersecurity issue that alarms security experts.

“Forgotten accounts don’t disappear — they are still online,” says Chad Hammond, security expert at NordPass. “Some of them could even be in unsecured databases. Our recent research confirms that more than 10-billion credentials are available in exposed online databases.

“No matter whether the database containing your password is secured or unsecured, the password could be breached at any time. The only difference is that when credentials are sitting in unsecured databases, the hacker doesn’t even need to hack to obtain them,” adds Hammond.

He notes that data leaks and breaches happen every day. Chances are if a platform for which a user has forgotten their logins gets breached, they won’t even know it.

“This is especially dangerous to those who reuse their passwords,” Hammond says. “For example, if the breached password secures both your email and social media accounts, they will all be jeopardised.”

Password reuse is still a major security issue. The same NordPass survey reveals that 63% of respondents reuse their passwords.