Only 21 percent of employees create unique passwords for each of their online accounts, according to a new national password survey commissioned by LogRhythm.
Not creating unique passwords place organizations at a risk for a potential security breach, which may lead to significant monetary losses for those involved.
Findings of the survey reveal that 54 percent of respondents overlap their personal and work passwords and 88 percent record their work passwords in an unsecure location.
79 percent employees are required to change their work passwords less than once a month
"Compromised user credentials continue to be a common vector through which cyber attackers penetrate the networks of their targets. User accounts and passwords are being harvested on the black market in support of active and future attacks," said Chris Petersen, senior vice president of products, CTO and co-founder at LogRhythm. "In many cases, an attacker must compromise credentials in support of their goals. It is imperative employers vigilantly monitor for behaviors of compromised credentials to avoid data breaches and other damaging cyber incidents."
Consequences of inaction
LogRhythm's survey is based on a poll of 520 full-time employees at organizations with 250 or more employees in many industries including healthcare, retail and manufacturing.
The company notes that if a person is exposed at home or at work, he is exposed in both areas.
No password is secret if you are storing it in a place where it can be easily accessed by other people.
As employees change their work passwords less than once a month criminals have more time to find and exploit vulnerabilities.
LogRhythm recommends employees to switch passwords frequently, have unique passwords for all online accounts and advises them to have no overlap between work and personal passwords.
Sign up for CIO Asia eNewsletters.