Ride the Lightning

Cybersecurity and Future of Law Practice Blog
by Sharon D. Nelson Esq., President of Sensei Enterprises, Inc.

Yikes: One in Four Employees Has Access to Accounts from Past Jobs

July 8, 2021

TechRepublic reported July 6 on some very interesting (and sobering) findings from a survey of over 1000 professionals by passwordless security company Beyond Identity.

Here are the startling stats:

  • Nearly half admit to password sharing
  • More than a third say they write their passwords on paper
  • One in four say they still have access to accounts from past jobs

45.6% of respondents say they believe strict password policies hamper productivity. Sigh. Where have we heard that before?

Of those who share passwords, 66.2% share them with coworkers, and just over a third share them with family members or significant others. The most common method of sharing passwords is via email. Another black mark.

Twenty-six percent said their personal email has the same password as their work account, 21.5% have an identical work account and bank login and 17.8% report that their social media accounts share credentials with work. Downright frightening.

Lessons? Password management policies need to be in place (and adhered to) and two-factor authentication should be enforced to help prevent password sharing. Clearly a good idea to implement a zero-trust security model to prevent compromised accounts from being used by an attacker to move laterally inside the network.

And all this leads, naturally, to the suggestion that organizations should consider going passwordless.

Please note: RTL will be taking a sabbatical next week. Look for the next RTL post on July 20!

Sharon D. Nelson, Esq., PresidentSensei Enterprises, Inc.
3975 University Drive, Suite 225|Fairfax, VA 22030
Email:  Phone: 703-359-0700
Digital Forensics/Cybersecurity/Information Technology
https://senseient.com
https://twitter.com/sharonnelsonesq
https://www.linkedin.com/in/sharondnelson
https://amazon.com/author/sharonnelson