Password management best practices stress the need for every employee to use a different strong password for every system they access within the enterprise. It is a basic principle that has been emphasized over and over by every IT professional and cybersecurity expert that has ever been asked to make organizational security policy. Yet despite all this effort, employees still ignore the rule and greatly increase the security vulnerability of business networks everywhere.
A June 2018 survey by OpenVPN reveals that 25% of employees admit that they use the same password for every enterprise system they access on a regular basis. That percentage is likely to be higher if you consider the number of respondents too embarrassed to admit to such a security violation. Ironically, the same Cyber Hygiene Study 2018 reports that 60% of employees also cite the threat of personal data compromise as their top cybersecurity concern.
Reconciling employee disregard for basic password management with the very real need for better enterprise cybersecurity practices will require a major attitude adjustment by both sides of the equation. IT pros and cybersecurity experts have to acknowledge the inconvenience of trying to remember sometimes dozens of system passwords. At the same time, employees must realize their responsibility to follow best practices for creating effective enterprise-wide cybersecurity.