Tech decision makers struggle with password security despite having more knowledge on the subject, according to SailPoint research.
Building a slide deck, pitch, or presentation? Here are the big takeaways:
- 10% of IT leaders use common passwords like "password" or "qwerty." — SailPoint, 2018
- 55% of IT leaders have used the same password for work and personal accounts. — SailPoint, 2018
IT decision makers are often the most aware of threats to organizations and the cybersecurity best practices needed to avoid them. However, when it comes to passwords, many tech leaders fail to lead by example, according to a Thursday survey from SailPoint and Vanson Bourne.
More than half (55%) of the 400 IT decision makers surveyed said they have used the same password for both work and personal accounts, violating the rule of password reuse, the survey found. And 10% said they still use one of the most common password fails, like "password" or "qwerty."
It's easy to scoff at these numbers, but they grow more concerning with the realization that when an organization has been compromised, 100% of the time a password was leveraged at some point in the malicious campaign, according to EY research.
Companies including Microsoft are now working toward a password-less future, where professionals can use biometrics like fingerprints or face scans instead of a written login. But in the meantime, employees remain the no. 1 causeof company data breaches, and it's key for security leaders to enforce strong password policies and other cyber hygiene practices.
SEE: Password Policy (Tech Pro Research)
While simple passwords are more easily cracked, nearly a third (32%) of IT decision makers said they have used words like a family member's name in a password. Other common passwords included a pet's name (28%), a favorite location (20%), and a favorite sports team or player (20%).
"Poor password hygiene creates a gateway for attackers to easily get access to enterprise data," the survey stated. "And while we can debate the longevity of passwords, the fact is they're the most widely used and accepted means of authentication. We must be diligent in protecting ourselves and our organizations."
- Password managers: How and why to use them (free PDF) (TechRepublic)
- This password-stealing malware uses Facebook Messenger to spread further (ZDNet)
- Cheat sheet: Two-factor authentication (TechRepublic)
- The dumbest passwords people still use (ZDNet)
- Report: Only 55% of users would change password if they were hacked (TechRepublic)