Printer Friendly

Study Finds 1 In 5 Enterprise Passwords Can Be Compromised Easily.

Researchers found enterprise environments, where user accounts often have access to sensitive and proprietary information, are often insecure and nearly ( 20 percent can be compromised  easily.

The findings stem from a ( study conducted by authentication company Preempt, which used data collected from 220 organizations that use the Preempt Inspector application, which assesses an organization's password health.

Read: ( Is My Password Secure? NIST Advises Against Periodically Changing Passwords

In addition to one in five passwords being vulnerable, more than 7 percent of all users are actively using a password that has appeared in a previous data leak. This means without any guesswork or attempts to crack an account, an attacker could log into a person's account using the leaked credentials.

Reusing passwords are associated with accounts involved in leaks also can lead to easy breaches. If a user's email or name is in a breach and that information can be tied to another one of their accounts that shares the same password, that account can also be hacked despite not directly being involved in the leak.

Adding to the likelihood an account is compromised is the practice of password sharing. Preempt's data found nearly 15 percent of users in enterprise environments share passwords with colleagues. While the practice may provide convenience when logging into services, it also increases the risk that a password is compromised.

Unsurprisingly, Preempt found organizations with a high percentage of shared passwords also see an increased rate of compromised passwords.

Read: ( World Password Day: How To Create A Secure Password

While all organizations can fall victim to weak passwords, large organizations tend to have better security practices than smaller ones. This is likely because larger organizations have a dedicated information technology team that can set stricter password requirements and make sure other members of the organization are abiding by those standards.

Organizations based in the United States tended to be less likely to suffer from password compromises. The country had half as many instances of weak passwords compared to the rest of the world. Preempt theorizes this is because awareness of credential theft is much higher in the U.S.

In recent years, the common practices for ensuring password security have changed. Last month, the National Institute of Standards and Technology (NIST) ( changed its recommendation for periodically changing passwords as a way to increase security.

The government body, which sets the security standards and best practices adopted by many private sector entities including enterprise organizations, advised against requiring password changes unless there is evidence a password has been compromised because requiring rotating credentials often leads to users creating less secure passwords.

NIST also suggested encouraging the use of passphrases - longer passwords that utilize several words - in favor of passwords that often use characters that are difficult to commit to memory. The longer phrases prove more difficult to crack for attackers and easier to remember for users.
COPYRIGHT 2017 IBT Media, formerly dba International Business Times
No portion of this article can be reproduced without the express written permission from the copyright holder.
Copyright 2017 Gale, Cengage Learning. All rights reserved.

Article Details
Printer friendly Cite/link Email Feedback
Publication:International Business Times - US ed.
Date:Jun 16, 2017
Previous Article:LeBron James And Draymond Green Have Been Beefing For Years.
Next Article:Facebook To Fight Terrorism With AI, Policy Experts.

Terms of use | Privacy policy | Copyright © 2018 Farlex, Inc. | Feedback | For webmasters