Password security and good credential hygiene are some of the most important components of any organization’s cybersecurity posture, but many are still engaging in risky password practices that threaten their organization’s network security.
That’s even true for IT, as 92% of IT decision makers reported reusing passwords across multiple sites—even as cyberattacks escalate due to the new distributed way of working, according to a new survey from password management provider Bitwarden.
The good news, according to Bitwarden, was that 88% of organizations utilize two-factor authentication, which has been shown to help prevent credential-stealing cyberattacks. Still, 45% say it slows down their workflow, and 44% say it takes too long to implement.
Also encouraging was the percentage of organizations using password management software, as 86% said they use tools to help manage passwords, which is up 9% over the past year.
Further, 84% of respondents said their employer requires employees to use the same enterprise-wide password manager.
On the flipside, many engage in password management practice largely viewed as risky, including documents on a computer (53%), memory (42%), and pen and paper (29%).
Like previous years, too many IT decision makers are sharing company passwords through unsecure methods, but the number of IT decision makers doing so through email has skyrocketed from 39% to 53%, a trend that Bitwarden attributes to the sudden adjustment to remote work and the increased rate of employee turnover.
According to the study, 61% of survey respondents said they are increasingly concerned about cybersecurity because they fear remote employees are more lax about their security posture. Others cite the high rate of employee turnover for password management difficulties.
That same turnover is also impacting IT professionals themselves, as 58% of IT decision makers are working longer hours due to turnover and difficulty hiring (29% each).
In a statement pointing readers to the company’s solutions, Bitwarden CEO Michael Crandell said people continue to engage in risky credential practices despite the common knowledge that using unsecure sharing methods can lead to a cyberattack.
“People need easy ways to transmit sensitive information with end-to-end encryption via email, which is where Bitwarden Send comes in,” he said. “Implementing the right tools from the C-suite level down will streamline communication within your organization and keep your credentials secure so you can do business faster, safely.”