Nearly fractional of professionals besides admit to sharing passwords and much than a 3rd accidental they constitute them connected paper, according to Beyond Identity.
A survey of much than 1,000 professionals reveals that astir deliberation their enactment password practices are secure, but the world of the concern is thing but. Nearly fractional admit to password sharing, much than a 3rd accidental they constitute their passwords connected paper, and 1 successful 4 said they inactive person entree to accounts from past jobs.
The survey, performed by passwordless information institution Beyond Identity, suggests a request for businesses to tighten up their password policies, but with an important caveat: Making the process excessively laborious for employees means that they'll conscionable find a mode to circumvent the rules. With 45.6% of respondents saying they judge strict password policies hamper productivity, there's a bully crushed to guarantee a equilibrium is struck.
SEE: Security incidental effect policy (TechRepublic Premium)
As mentioned above, much than a 3rd of respondents admit to penning passwords down connected paper, but they aren't successful the majority: 38.1% usage a unafraid password manager, and 25.9% accidental they don't store their passwords astatine all. As Beyond Identity points out, password managers are a bully mode to retrieve passwords for those acrophobic astir forgetting, but they're inactive hackable. One interruption successful is each an attacker needs to summation entree to a person's full room of password-protected accounts.
As for password sharing, 41.7% said they person shared workplace passwords, with employees astatine midsized companies (50-249 people) astir apt to bash so. Of those who stock passwords, 66.2% stock them with coworkers, and conscionable implicit a 3rd stock them with household members oregon important others. The astir communal method of sharing passwords is via email.
Another occupation stems from the magnitude of passwords that are reused. Twenty-six percent said their idiosyncratic email has the aforesaid password arsenic their enactment account, 21.5% person an identical enactment relationship and slope login, and 17.8% study that their societal media accounts stock credentials with work.
Most employees (72.9%) said they deliberation their employer's password argumentation is "about right," but erstwhile considered alongside the different statistic from the survey it seems they whitethorn not be. To beryllium clear, the occupation isn't confined to employees with atrocious habits compromising workplaces: It's an IT occupation arsenic well.
If a afloat 4th of employees inactive person entree to accounts from erstwhile jobs, amended termination policies request to beryllium successful place, and businesses request to beryllium definite they're strictly adhered to. Password absorption policies request to beryllium successful spot and adhered to arsenic well, and two-factor authentication should beryllium enforced to assistance forestall password sharing. It's besides a bully thought to instrumentality a zero-trust security exemplary to forestall compromised accounts from being utilized by an attacker to determination laterally wrong the network.
SEE: How to negociate passwords: Best practices and information tips (free PDF) (TechRepublic)
Lastly, organizations should see going passwordless. Prior studies person indicated that much than fractional of IT professionals deliberation passwordless logins would amended organizational security, arsenic good arsenic destruct hassles for employees. As Beyond Identity's information suggests, thing that makes enactment easier for employees is apt to person a nett affirmative for organizational information arsenic well.
Cybersecurity Insider Newsletter
Strengthen your organization's IT information defenses by keeping abreast of the latest cybersecurity news, solutions, and champion practices. Delivered Tuesdays and ThursdaysSign up today
- How to go a cybersecurity pro: A cheat sheet (TechRepublic)
- Security threats connected the horizon: What IT pro's request to cognize (free PDF) (TechRepublic)
- Checklist: Securing integer information (TechRepublic Premium)
- Online information 101: Tips for protecting your privateness from hackers and spies (ZDNet)
- Cybersecurity and cyberwar: More must-read coverage (TechRepublic connected Flipboard)