Password Security Survey: Even Pros Are Lax

Follow by Email

Social media users, even those working in the cyber security field, are exposing themselves to security threats, according to a password security survey conducted by security specialist Thycotic at the RSA Conference in San Francisco in February. More than half – 53 percent – of respondents said they hadn’t changed their social network passwords in over one year.

Twenty percent said they have never changed their passwords since opening their accounts. Furthermore, 30 percent of cyber security professionals actually don’t follow one of the profession’s cardinal rules: they use birthdays, addresses, pet names or children’s names for their work passwords, Thycotic found.

That leaves a door open for hackers to infiltrate their email systems. In addition to their vulnerability to cyber threats, the survey results highlight the lack of standards regarding implementation of automated password security managers, Thycotic notes, based on market research carried out with Cybersecurity Ventures.

Password Security Survey

According to the password security survey:

  • 45+ percent of respondents said they believe privileged accounts accounted for at least half of the cyberattacks
  • Approximately 65 percent of respondents do not believe cyber security will get stronger under President Donald Trump
  • 25+ percent of respondents said they change their password at work only when the system tells them to
  • 20 percent of respondents have never changed their social network passwords, ever

The revelation that cyber security professionals themselves are using weak passwords for their credentials is shocking, as well as unacceptable, commented Thycotic president and COO James Legg. “These survey results just go to show just how vulnerable a lot of people have made themselves and the companies they work for through being irresponsible with passwords. Without the proper solutions in place, companies are really at risk here.”

Eight in 10 cyber security attacks involve weak or stolen passwords, according to Forrester Research. In addition, more than 3 billion user credentials/passwords were stolen in 2016 alone, Thycotic points out.

Password and credential management is becoming more complicated. Every individual employee will be responsible for about 90 passwords come 2020, according to the research report.

“As we know, social networks give away a lot of private information. For people to not consider changing their passwords on a regular basis on their Facebook, Twitter and LinkedIn accounts, they are easily allowing hackers to access information that will grant them access to other facets of their lives, like their work computers and email,” said Joseph Carson, Chief Security Scientist at Thycotic.

“Not only is this a huge vulnerability, but this is also a flaw within large social networks that don’t remind or make it clear and transparent to the user about the age or strength of the password or best practices.”

Nearly two-thirds of Americans (64%) have personally been victims of data breaches, according to a recently released study from the Pew Research Center. Despite concerns about unauthorized surveillance by corporations and government, as well as threats posed by cyber criminals the time Americans spend online continues to rise. LINK:



Leave a Reply

Your email address will not be published. Required fields are marked *