Password fatigue could be putting your company at risk

Employees using weak passwords could be putting your company at risk more than previously thought, new research has claimed.

A report from LastPass claims that the sheer number of passwords being used by employees even within an average-sized business means that it is increasingly tricky to keep tabs on which are used for certain accounts and services, leading to possible security flaws.

LastPass' research found that 81 per cent of confirmed data breaches in 2017 were down to weak, reused or stolen passwords - and with 4.2 billion credentials being leaked in 2016 alone, stolen or guessed passwords remain an incredibly easy way for hackers or criminals to gain access to your business.

The study, which analysed over 30,000 companies using LastPass, found that a company employing around 250 people would have an average of 47,750 passwords in use - showing the sheer scale of the problem facing IT teams across the world.

Employees were also found to suffering from major password fatigue, the company found, with an average of 36 minutes a month spent typing out login and password credentials for the wide range of apps, services and websites needed to do their jobs - with the average worker needing to authenticate access 154 times a month.

With such a large number of logins needed, it's perhaps no wonder that many workers reuse passwords across multiple accounts - but this can pose a major security issue, LastPass warns. The report found that whilst the overwhelming majority (91 per cent) of users knew it was dangerous to reuse passwords, more than half (61 per cent) do so.

"The human element is the largest and most effective attack surface. Every business needs to re-evaluate their security policies and  adapt accordingly," said Matt Kaplan, GM at LastPass.