In response to Keeper Safety’s Office Password Malpractice Report, many distant staff aren’t following greatest practices for password safety.
Password safety was an issue even earlier than the appearance of widespread distant work. So, what occurred post-pandemic? Keeper Security’s Workplace Password Malpractice Report sought to search out out.
In February 2021, Keeper surveyed 1,000 staff within the U.S. about their work-related password habits — and found that a number of distant staff are letting password safety go by the wayside.
Listed here are 5 vital password safety guidelines they’re ignoring.
1 — At all times use sturdy passwords
Robust passwords are at the least eight characters lengthy (ideally extra) and include random strings of letters, numerals, and particular characters. Passwords ought to by no means embrace dictionary phrases, that are simple to guess, or private particulars, which cybercriminals can scrape off social media channels.
- 37% of respondents to Keeper’s survey stated they’ve used their employer’s identify as a part of their work-related passwords
- 34% have used their vital different’s identify or birthday
- 31% have used their kid’s identify or birthday
2 — Use a singular password for each account
Some issues ought to by no means be recycled — like passwords. When staff reuse passwords throughout accounts, they vastly enhance the danger that their employer will likely be breached.
Sadly, 44% of respondents to Keeper’s survey admit to reusing passwords throughout private and work accounts.
3 — Retailer all passwords securely, with full encryption
Utilizing a powerful, distinctive password for each account is simply a place to begin. Staff additionally must retailer their passwords securely. Keeper’s survey demonstrated that they are not doing that:
- 57% of respondents write down their passwords on sticky notes, and 62% write down their passwords in a pocket book or journal, which anybody else residing in or visiting the house can entry.
- 49% retailer their passwords in a doc saved within the cloud, 51% use a doc saved regionally on their pc, and 55% save them on their telephone. As a result of these paperwork aren’t encrypted, if a cybercriminal breaches the cloud drive, pc, or cell phone, they’ll open the worker’s password file.
4 — By no means share work-related passwords with unauthorized events
Work passwords are confidential enterprise info that staff ought to by no means share with anybody outdoors the group, not even their spouses. Keeper’s survey revealed that 14% of distant staff have shared work-related passwords with a partner or vital different, and 11% have shared them with different relations.
5 — Password-sharing inside the office is okay, however provided that it is executed securely, with full end-to-end encryption
Shared passwords within the office may be executed safely if staff share passwords utilizing a safe technique, and the passwords are shared solely with licensed events. Nevertheless, Keeper’s survey found that 62% of respondents share passwords by means of unencrypted electronic mail or textual content messages, which may be intercepted in transit.
Keeper helps organizations forestall office password malpractice
Keeper’s enterprise-grade password safety and encryption platform helps organizations forestall password malpractice — and password-related cyberattacks — by giving IT directors full visibility into worker password practices, in addition to the flexibility to implement password safety guidelines company-wide.
- Seamlessly integrates into any IAM tech stack. Keeper integrates with Azure, AD, LDAP, and SSO, making it a vital a part of any trendy IAM technique.
- Robotically generates sturdy, distinctive passwords. Keeper robotically generates sturdy, random, distinctive passwords for each account and app.
- Securely shops passwords in an encrypted digital vault. Every worker will get an encrypted digital vault that they’ll entry from any system, working any working system.
- Offers IT admins full management over worker password habits. Utilizing the Keeper admin dashboard, safety personnel can simply configure password safety guidelines, equivalent to size, complexity, and sharing capabilities.
- Permits safe password sharing. Sharing can solely be executed between licensed customers, and Keeper’s zero-knowledge encryption strategies be certain that solely the person can entry and decrypt their saved recordsdata. Data and recordsdata each at relaxation and in transit, are all the time encrypted.
- Supplies your staff with a fringe profit, at no extra value. All protected customers below a Keeper Enterprise account get a free Keeper Family plan at no extra value to your group.
Password safety is the muse of cybersecurity, and it is particularly necessary in a distant work world. It is unimaginable to safe your group with out first securing your staff’ passwords.
Keeper deploys inside minutes, is easy for all staff to make use of, and scales to the scale of your group. Sign up for a 14-day free trial of Keeper now, and begin defending your group from password malpractice.