8 truths about employee passwords
LastPass has released The Password Expos? report, highlighting the challenges of using passwords in the workplace. According to the report, the standard approach to password security in the workplace has failed. “Even worse, businesses aren’t responding to that failure quickly enough,” said LastPass.
LastPass said that for most people, the fear of forgetting a password far outweighs the “remote risk” of getting hacked. “Solving the password problem impacts security, productivity, and even employee satisfaction in the workplace.” The LastPass report lists “8 truths” about employee passwords:
- Passwords are everyone’s problem.
- Employees are overwhelmed by passwords.
- Passwords are a compounding problem.
- Employees are constantly logging in.
- Approved or not, password sharing is common.
- It’s a blurry line between personal and business passwords.
- Single sign-on is not a one-stop solution for passwords.
- Not enough businesses are using multi-factor authentication.
According to LastPass, companies need to build a better framework for password visibility and control.
- Randomising every password for every account.
- Rotating passwords when appropriate.
- Applying role-based permissions to passwords.
- Achieving proper oversight and accountability for shared credentials.
- Adding protection with multi-factor authentication wherever possible.
- Decommissioning employee credentials after they leave or change roles.