Pages

New Study Reveals Shockingly Poor Password Hygiene Among IT Leaders

Password protecting your accounts is not a new phenomenon, and indeed recent events have shown that using nothing but a password might not be perfectly safe because of the fact that this is the sort of thing that could potentially end up allowing malicious actors to brute force their way into your account. Users are recommended to avoid sharing their passwords and are also told to use randomized password generators, but in spite of the fact that this is the case IT leaders don’t seem to be following their own instructions.

Hitachi ID, a vendor that offers identity management software, recently did a survey of a hundred top level executives in order to ascertain the level of cyber security they were keeping up with. With all of that having been said and now out of the way, it is important to note that a shocking 46% of IT leaders have their corporate passwords written out on shared documents which puts them at risk of serious security compromises if word gets out.


The truly confusing thing here is that 63% of these IT leaders said that they acquire and provide password hygiene training every year, but in spite of the fact that this is the case they don’t seem to know the basic aspects of good cyber security practices. While 30% of IT leaders did state that they use password managers that are offered to them by their companies, this still falls well short of the number that make one of the gravest password hygiene errors that one can make.

There also seems to be an issue with ensuring cyber security by vetting departing employees. Only a third of employees, or 33% to be exact, stated that they could transfer passwords and log in details with any degree of confidence. That can cause a very messy cyber security situation in corporations, and it explains why major companies suffer from cyber attacks so frequently.

As long as these IT leaders don’t follow the right practices, it will be difficult to convince regular people and employees to do the same.


Read next: Paying the Ransomware Amount Often Doesn’t Get Businesses Their Data Back

No comments: