Weak passwords are still essential obstacles to corporate security.
Even with increased investment in digital security, companies still suffer from the reuse and adoption of weak passwords adopted by employees, points to LastPass by LogMeIn's 3rd Annual Global Password Security Report. The study provides insight into employee password adoption behavior and analyzes rising trends in the areas of identity and access management for companies around the world.
According to the report, even though 57 percent of companies surveyed report using multifactor authentication (MFA) solutions, employees still embrace weak passwords on corporate systems. Another problem identified by the study is the reuse of passwords, such as when a user always creates passwords that are the same as their own, and reuses passwords of other employees.
The report found that stolen and reused credentials are linked to 80% of cybercrime violations. "Companies should take more steps to improve password and access security to make a big impact on reducing risk," the researchers recommend in the report. The full report is available in English at the link.
Gerald Beuchelt, LogMeIn's director of information security, says protecting employee access is an extremely necessary security precaution. "Unfortunately, we see that most companies completely ignore password security or, when they include them in their processes, they don't treat them as a priority," he says.
“This report also highlights the importance of using the identity and access management tools available to information security managers, as well as focusing on training employees to improve their password habits,” explains Beuchelt.
Who is more susceptible?
The reuse of passwords and the use of weak passwords is a practice adopted by employees of companies of various sizes, but mainly by employees of small companies. Companies with fewer than 1,000 employees reuse 10 to 14 passwords, compared to just four passwords reused in larger organizations, the study notes.
Other identified data is that companies in the media, communication and advertising industry have the most passwords to manage, while public administration employees have the least.