Some 87% of Gen Zers reuse old passwords across multiple accounts, compared to 75% of the whole employee population, a SailPoint report found.
Expanding digital transformation projects have sparked an increase of users and applications in organizations, according to SailPoint's 2018 Market Pulse Survey, released on Tuesday. However, employees are still being careless with their security practices—personally and professionally. Some users are even fighting corporate IT support to try and be more efficient, said the report.
The report surveyed 1,600 employees at businesses with more than 1,000 people worldwide across age demographics. The US was the country with the largest population of respondents, at 400.
Respondents globally practice poor cyber hygiene when it comes to passwords, the report found: 75% said they reuse passwords between different accounts. This finding has only increased over time, as just 56% admitted to reusing passwords in 2014, according to the report.
SEE: Password management policy (Tech Pro Research)
Security habits are the worst among younger users. The majority (87%) of Gen Z respondents said they reuse passwords across different accounts, according to the report. Additionally, 60% of Gen Zers duplicate passwords across work and personal accounts, compared to only (47%) of all respondents.
Perhaps the most startling discovery though is that 28% of Gen Zers said they would be willing to provide their passwords to a third party, compared to only 15% of all employees and just 4% of those over 55, said the report. The main reason for this is just a lack of concern for company security among younger people, the report added. But statistically, younger people are making up a larger part of corporations' user population, meaning their percentages would be naturally higher, said the report.
Unfortunately, at this point there is only so much companies can do to improve password practices. Most organizations attempt to create policies and procedures within their IT departments to mitigate threats, but this is only useful if employees actually use the resources. Some 55% of respondents cited IT departments as an inconvenience, and 53% said enterprise security measures only make their jobs more difficult, according to the report.
If companies are having trouble convincing employees to change their passwords regularly, they should consider implementing two-factor or multi-factor authentication for enterprise logins. Additionally, companies could have their systems force employees to change passwords every few months, otherwise locking them out of accounts.
Check out this TechRepublic article for more tips on best password security practices.
The big takeaways for tech leaders:
- Gen Zers have worse password security practices than any other age group, with 87% of them reusing passwords across accounts. — SailPoint, 2018
- While companies try to implement security measures through IT departments, 55% of respondents cited IT departments as an inconvenience. — SailPoint, 2018
- Password managers: How and why to use them (free PDF) (TechRepublic)
- Security researcher fined for hacking hotel Wi-Fi and putting passwords on the internet (ZDNet)
- Cheat sheet: Two-factor authentication (TechRepublic)
- New IoT security rules: Stop using default passwords and allow software updates (ZDNet)
- Why nearly 50% of organizations are failing at password security (TechRepublic)