The Problem of Poor Password Management Practices

Many people’s passwords are weak, and passwords that actually qualify as secure can be inconvenient and challenging to remember. But that’s no excuse to employ weak password practices, especially when it comes to privileged accounts in a business setting! One Identity recently shed some light on troublesome privileged account management procedures with a report that highlights viewpoints from 900 IT security professionals across the globe.

According to TechRepublic’s analysis, nine out of ten security pros have trouble managing privileged passwords. In fact, nearly 20 percent of respondents reported using paper-based records to keep track of credentials. What’s next, a feathered quill? Shockingly, 40 percent of respondents said they don’t bother to update default admin passwords, while nearly 60 percent said they only monitor some privileged accounts.

To hackers, privileged accounts with weak or default passwords are their golden ticket to accessing valuable data. As a matter of fact, according to Forrester, 80 percent of all breaches involve privileged credentials.

So, what can organizations do to protect privileged accounts and minimize their risk of sustaining a data breach?

1. Always change default passwords
2. Use a unique, complex and lengthy password for each account you own
3. Update the security questions for your accounts
4. Set up two-factor authentication for your accounts
5. Consider adopting a password “vault” or manager

For more interesting (and concerning) data points from the survey, check out the full article at TechRepublic.