Technology

Report: The bigger the company, the messier the password practices

A new report from password management company LogMeIn found that the bigger the enterprise, the bigger the problem when it comes to managing passwords.

By Jared Beinart

October 5, 2018

(Getty)

A new report from password management company LogMeIn finds that the bigger the enterprise, the bigger the problem when it comes to managing passwords.

The company’s recently released Global Password Security Report scores its 43,000 customers on password strength, reuse, and use of multi-factor authentication.

While the average score equaled a 52 out of 100 — a score LogMeIn considers to be good — the numbers generally showed the larger the company, the lower the average security score. The report pins the trend on the fact that more employees bring more passwords and unsanctioned apps, as well as extra opportunities for dangerous password behaviors.

“Passwords continue to be a challenge to cybersecurity in the workplace, and attacks continue to grow in number and complexity every year. Despite these threats, businesses have struggled to quantify their own level of password risk,” said Gerald Beuchelt, Chief Information Security Officer at LogMeIn.

That level of risk hasn’t trickled down to the end users, with the report also finding that employees are sharing an average of six passwords with their coworkers.

One positive takeaway from the report is the rise in multi-factor authentication. Around 45 percent of companies use the security measure, a twenty percentage point increase from last year’s report.

Among the sectors measured, technology companies fared the best when it came to their password practices. Tech companies beat out heavily-regulated industries like banking, health, Insurance and government when it comes to password hygiene.

Multi-factor authentication has long been a standard recommendation for enterprises and individuals alike. However, a study last year found that most people still have not heard of the practice.

We’ve seen the market move beyond passwords in recent months, with multiple companies touting security keys that allow for users to remove their bad password habits from their daily routines.

You can read the full report on LastPass’ website.

Report: The bigger the company, the messier the password practices

More Like This

House hurtles toward showdown over expiring surveillance tools

Civil society groups press platforms to step up election integrity work

A tangled mess: Government rules for social media security lack clarity

Top Stories

Mandiant: Notorious Russian hacking unit linked to breach of Texas water facility

With a mysterious surveillance target identified, calls for Congress to change course

House passes bill to limit personal data purchases by law enforcement, intelligence agencies

More Scoops

Training days: How officials are using AI to prepare election workers for voting chaos

Meta’s Oversight Board slams company policies for manipulated media

SEC blames sim-swapping, lack of MFA for X account hijacking

After hack, X claims SEC failed to use two-factor authentication

CISA launches campaign to teach Americans to be safe online

Cyber professionals say industry urgently needs to confront mental health crisis

Microsoft downplays damaging report on Chinese hacking its own engineers vetted

Latest Podcasts

How Troy Hunt knows if you’ve been hacked and Washington tries to understand AI

Why pig butchering is the worst kind of online scam

How the FBI fights ransomware

Rumman Chowdhury on AI red-teaming; a Sisense supply chain attack

Government

Technology

Threats

Geopolitics