In February 2021, Keeper surveyed 1,000 employees in the U.S. about their work-related password habits — and discovered that a lot of remote workers are letting password security go by the wayside.
Here are 5 critical password security rules they’re ignoring.
1. Always use strong passwords
Strong passwords are at least eight characters long (preferably more) and consist of random strings of letters, numerals, and special characters. Passwords should never include dictionary words, which are easy to guess, or personal details, which cybercriminals can scrape off social media channels.
- 37% of respondents to Keeper’s survey said they’ve used their employer’s name as part of their work-related passwords
- 34% have used their significant other’s name or birthday
- 31% have used their child’s name or birthday
2. Use a unique password for every account
Some things should never be recycled — like passwords. When employees reuse passwords across accounts, they greatly increase the risk that their employer will be breached.
Unfortunately, 44% of respondents to Keeper’s survey admit to reusing passwords across personal and work accounts.
3. Store all passwords securely, with full encryption
Using a strong, unique password for every account is only a starting point. Employees also need to store their passwords securely. Keeper’s survey demonstrated that they’re not doing that:
- 57% of respondents write down their passwords on sticky notes, and 62% write down their passwords in a notebook or journal, which anyone else living in or visiting the home can access.
- 49% store their passwords in a document saved in the cloud, 51% use a document stored locally on their computer, and 55% save them on their phone. Because these documents aren’t encrypted, if a cybercriminal breaches the cloud drive, computer, or mobile phone, they can open the employee’s password file.
4. Never share work-related passwords with unauthorized parties
Work passwords are confidential business information that employees should never share with anyone outside the organization, not even their spouses. Keeper’s survey revealed that 14% of remote workers have shared work-related passwords with a spouse or significant other, and 11% have shared them with other family members.
5.Password-sharing within the workplace is okay, but only if it’s done securely, with full end-to-end encryption
Shared passwords in the workplace can be done safely if employees share passwords using a secure method, and the passwords are shared only with authorized parties. However, Keeper’s survey discovered that 62% of respondents share passwords through unencrypted email or text messages, which can be intercepted in transit.
If you find it interesting, you can read:
Reference: Keeper Security