Your IT Consultant

Survey of Password Practices – Not Good News

July 7, 2021

We have to do a better job dealing with passwords. TechRepublic posted some results from a password practice survey of over 1,000 professionals conducted by Beyond Identity and it is not a pretty picture. As a summary, almost half of respondents admit to sharing passwords while more than a third write their passwords on paper. The lesson for employers is that one in four still have access to login credentials from previous employment.

Password reuse has been a problem for years. “Twenty-six percent said their personal email has the same password as their work account, 21.5% have an identical work account and bank login, and 17.8% report that their social media accounts share credentials with work.” Not a good thing.

The challenge for employers is to strike a balance between security and convenience. Establishing a password policy that is burdensome and restrictive encourages unsafe practices. If you make the password policies too restrictive or laborious, employees will find a way around them. Implementing multi-factor authentication (MFA) is a significant improvement to protect login credentials even if there is password reuse going on. Since so many login credentials are still active for past employees, employers need to stiffen up termination processes. Today is a good time to update your employee separation checklist.

Email:  Phone: 703.359.0700
Digital Forensics/Cybersecurity/Information Technology
https://www.linkedin.com/in/johnsimek
https://amazon.com/author/johnsimek
https://senseient.com