Skip to main content
close search
site logo
Dive Brief

Employees can't quit habit of writing down, sharing passwords

Published April 6, 2021
David Jones's headshot
Reporter
Close up of a person typing on a laptop
SARINYAPINNGAM via Getty Images

Dive Brief:

  • Amid a growing debate about cyber hygiene practices and insider threats, the majority of corporate workers in the U.S. engaged in sloppy management of work-related passwords, according to a report released Tuesday by Keeper Security. Conducted by Pollfish, the research was based on a survey of 1,000 corporate workers.

  • The report shows 57% of U.S.-based corporate employees are writing passwords on sticky notes. Two-thirds of those surveyed lost the written down passwords in the past, raising questions about who actually took possession of them. 

  • In addition, 62% of respondents said they have shared a work-related password over email or text message, which are vulnerable to cybertheft. About 46% of respondents said their company directed them to share passwords that are used by multiple people.

Dive Insight:

The report comes at a time of robust debate about password security practices and cyber hygiene in the U.S. technology sector, critical infrastructure entities and government agencies across the country. 

SolarWinds, a central player in the nation-state attack against the U.S. last year, was blasted by lawmakers during February Congressional hearings amid reports that "solarwinds123" had been used as a password internally. 

In addition, 60% of IT security leaders expect a sharp increase in insider threats, with more companies becoming vulnerable to inadvertent and purposeful data leaks, according to a report released in March by the Ponemon Institute on behalf of Code42.

The year-long move to remote work following the outbreak of COVID-19, appears to have accelerated already weak policies and practices of these entities, as about two-thirds of workers said they were more likely to write down passwords when they were operating from their home environments, according to the report. 

"For some reason, when people move to a remote work setting, they're more lax about their password security, and they're more prone to violate or soften internal controls with respect to their employers," Darren Guccione, co-founder and CEO at Keeper Security, said in an interview. 

Besides the storage of passwords, a significant percentage of workers are making poor decisions about their creation of new passwords. About 37% of respondents said they incorporated their company's name into a password and 44% are using the same password for work and personal accounts. 

Editors' picks

Company Announcements

View all | Post a press release
Nile Adds Industry’s First Campus Zero Trust Delivered As a Service
From Nile
November 21, 2024
Fathom5’s ARIA Technology Joins NSIN Propel Maritime Digital Defense Accelerator
From Fathom5
November 18, 2024
TrustNet Named 2024’s Best Compliance Advisory and Audit Firm at CDM’s Annual Top InfoSec Inno…
From TrustNet
November 06, 2024
DigiCert Unveils 2025 Security Predictions
From DigiCert
November 21, 2024
Editors' picks
Latest in Breaches
image/svg+xml
Industry Dive is an Informa business
© 2024 Industry Dive. All rights reserved. | View our other publications | Privacy policy | Terms of use | Take down policy.
Cookie Preferences / Do Not Sell