Password recycling risk

62% of employees reuse passwords across business and personal accounts, with 70% of leaders concerned about the issue.

  • 3 years ago Posted in

Nearly two thirds of employees are using personal passwords to protect corporate data, and vice versa, with even more business leaders concerned about this very issue. Surprisingly, 97% of employees know what constitutes a strong password, yet over half (53%) admit to not always using one.

 

This is according to new research by identity and access management company My1Login, which surveyed 1,000 employees and 1,000 business leaders to compare employees’ realities, opinions, and outlook to security at work, alongside expectations and opinions of business leaders across a variety of industries.

 

The research also found that 85% of employees are reusing passwords across business applications after receiving training, in contrast to 91% of employees who haven’t received any cyber security training. Training is only making a negligible difference to how employees are protecting corporate data, highlighting that corporate security is at a high risk of being compromised even for organisations investing in training.

 

In terms of industry-specific findings, the research found that employees in the healthcare sector are particularly prone to reusing passwords, with 94% of employees declaring they have done so. Employees in the education and public sector reused passwords to a similar degree, with 91% of respondents admitting having done so in healthcare and 83% in the public sector.

 

All three verticals were also found to have the highest use of personal passwords for business applications, with 75% in education and 61% in healthcare and public sector, considerably higher than employees in technology (45%).

 

Mike Newman, CEO of My1Login, commented: “Poor password habits make cyber criminals’ lives far easier, offering a gateway into organisations and enabling them to conduct damaging, far-reaching cyber-attacks. From creating weak passwords to reusing them across applications, employees consistently struggle to maintain good password ‘hygiene’.

 

“Our finding that cyber security training is not having the desired effect – despite significant investment from leaders into helping employees improve their security behaviour – is very concerning. Employees are finding the process of juggling a variety of passwords frustrating, and this negativity is translating into negligent password practices due to a lack of motivation.

 

“Instead of relying on training to change employees’ behaviour around the protection of corporate data, business leaders need to take the responsibility out of the hands of employees as much as possible. An authentication management solution which offers a passwordless single sign-on experience does just that, alleviating the burden placed on employees and elevating productivity and wellbeing, in addition to placing leaders back in control of their organisation's security,” Mike concluded.

Research shows ‘game needs to be changed,’ with security innovation years behind that of the...
Trend Micro has released new research detailing the murky cybercrime supply chain behind much of...
Node4 has released its Mid-Market IT Priorities Report 2021. The independent report reveals that...
Research from Avast has found that employees in almost a third (31%) of Small and Medium...
This year, over half of MSPs or their end customers have been attacked by ransomware but only 53%...
Trend Micro has published new research revealing that 90% of IT decision makers claim their...
Cyber consultants call on businesses to act now, or risk budgets shrinking further in ‘real...
State of Industrial Cybersecurity report reveals only 21% of organizations achieved full maturity...