TechRepublic reports:
“Survey of more than 1,000 professionals reveals that most think their work password practices are secure, but the reality of the situation is anything but. Nearly half admit to password sharing, more than a third say they write their passwords on paper, and one in four said they still have access to accounts from past jobs. The survey, performed by passwordless security company Beyond Identity, suggests a need for businesses to tighten up their password policies, but with an important caveat: Making the process too laborious for employees means that they’ll just find a way to circumvent the rules. With 45.6% of respondents saying they believe strict password policies hamper productivity, there’s a good reason to ensure a balance is struck”.
<p style=\"font-weight: 400;\">Unfortunately, this survey is not a surprise at all. Almost every cyber attack includes some element of compromised passwords like this. A strong, complex password is pretty secure, but most people do not use complex passwords. If you use a word or a combination of English words that have a meaning to you, this is significantly less secure. Passwords can easily be cracked using tools. This survey just shows passwords are necessary but not sufficient.</p>
<p style=\"font-weight: 400;\">All business needs to start to know what access employees (and former employees) have access to. The less that people have access to, the less they can give away. Firms need to look at preventative data breach controls, rather than detective controls. There is an insider threat component to almost every attack. That is true of real-world workplace theft too, it is almost always your colleagues rather than external actors”.</p>