Password Blunders Abound!

April 12, 2021

A new Ponemon Institute report (sponsored by Keeper Security Inc.) has revealed some SHOCKING password-related missteps. The report can be read here, but I’ve included some of the juicier tidbits below for convenience.

For starters, Ponemon canvassed 1000 individuals from a wide variety of business types, so don’t think they’re picking on any one organization or industry in general. There are boneheads across the board in multiple verticals.

The Key Takeaways:

Insecure Password Storage

The report first looks at how employees are saving their passwords.

  • When asked how respondents save their work-related passwords, 57% (570 people) said they wrote them on “sticky notes” near their workstation. 382 of those people said at various times they’d lost those “sticky notes.”
  • Even with Identity and Access Management tools, 49% of respondents said they saved their work-related passwords in an unprotected document in the cloud. 51% said they saved their passwords in a document saved directly on their computer.

Weak and Easily Guessed Passwords

We’ve used this blog before to talk a bit about what makes a password secure and you can read about that here. The report showed that even with very well-established and easy-to-follow guidelines for password security, people are still cutting corners.

  • 37% of respondents use the name of the business they work for in their work-related password.
  • 34% use their significant other’s name or birthday as a password.
  • 31% use their child’s name or birthday as their password.

Sharing Passwords

Password sharing, in any form, can lead to some pretty massive problems. I suggest you read this article on the Principle of Least Privilege to understand why. That said, the report noted people are still sharing that information with unauthorized individuals.

  • 14% of respondents shared their work-related passwords with their significant other.
  • 11% have shared their work-related password with another family member.

It’s Not Just the Employees Making Mistakes

If you think it’s just the workforce making these mistakes, you’re wrong. People higher up the food chain are not only making the same mistakes but willingly allowing others to make them.

  • 46% of respondents said their company shares passwords for accounts that are used by multiple people.
  • 34% have shared work-related passwords with colleagues on the same team.
  • 32% have shared work-related passwords with their managers.
  • 19% have shared their passwords with their executive team.
  • 62% have shared work-related passwords over text message or email with a coworker.
  • 32% admit to accessing an online account belonging to a previous employer, which means after an employee leaves a company, no one is making sure “zombie” accounts get shut down.


Carl Keyser is the Content Manager at Integris.
