A report conducted by My1Login, which surveyed 1,000 employees and 1,000 business leaders on their security practices at work resulted in a troubling outcome. The report found that nearly 100% of employees understand what constitutes a strong password, but only 53% admit to using one. The report also found that individuals in the healthcare and education sector were more prone to reusing passwords from personal accounts for their work accounts. Additionally, 85% of employees who reuse personal passwords have received cybersecurity training. CEO of My1Login, Mike Newman, stated that cybersecurity training is not having the desired effect, and believes business leaders should “take the responsibility out of the hands of employees as much as possible” by using an authentication management solution.
Although the report indicates security training may not be effective as employers would hope, it is still important to educate employees. When educating employees on cyber security, it important to teach why password hygiene is important. Databases and online services are being breached daily and leaked or stolen passwords from these breaches are constantly being traded or sold. Reusing a password is an extremely risky and dangerous practice. Passwords should be unique, complex, and changed routinely. Employees should use a password manager, so they do not have to memorize several different passwords. Lastly, employers should require multi-factor authentication (MFA) to add an additional level of security to employee accounts.