Skip to main content

Organisations doing password security in a risky way

(Image credit: Image source: Shutterstock/Ai825)

Organisations understand the dangers of passwords to their security posture, but it seems they are taking the wrong approach to solving the problem. 

This is according to a new report by LastPass and Ovum (opens in new tab), which is saying that organisations are focused on technology based on features and policy and not the user.

More than half of IT execs rely on users to keep themselves safe, which LastPass and Ovum consider a risky approach. Three quarters of IT execs don’t control all cloud-based apps their employees use. Most realise the lack of control, but are doing very little to address it.

Also, three quarters (76 per cent) regularly experience problems when using passwords, and almost a third need the support of the help desk at least once a month.

“This research has clearly identified there is an urgent need to close the password security gap,” said Andrew Kellett, principal Analyst, infrastructure solutions at Ovum.

“Far too many organisations are leaving the responsibility for password management to their employees and don’t have the automated password management technology in place to identify when things are going wrong.”

“In many cases, an organisation’s password management practices are overly reliant on manual processes and far too often place an excessive level of trust in employees to use safe password practices”, said Matt Kaplan, GM of LastPass. 

“The threat posed by human behaviour coupled with the absence of technology to underpin policy is leaving companies unnecessarily at risk from weak or shared passwords. Organisations need to focus on solving for both obstacles in order to significantly improve their overall security.”

Image source: Shutterstock/Ai825

Sead Fadilpašić
Sead Fadilpašić

Sead Fadilpašić is a freelance tech writer and journalist with more than 17 years experience writing technology-focussed news, blogs, whitepapers, reviews, and ebooks. And his work has featured in online media outlets from all over the world, including Al Jazeera Balkans (where he was a Multimedia Journalist), Crypto News, TechRadar Pro, and IT Pro Portal, where he has written news and features for over five years. Sead's experience also includes writing for inbound marketing, where he creates technology-based content for clients from London to Singapore. Sead is a HubSpot-certified content creator.