Reusing passwords in the workplace is one of the quickest ways to get your accounts compromised, yet despite repeated warnings, the vast majority of employees still do it.
A report from Bitwarden surveying 800 IT decision-makers from the UK and the US discovered that 90% reuse passwords in the workplace.
While the survey does state that many (84%) use password managers (opens in new tab), there are still plenty of people out there managing their passwords with super risky methods: more than half (54%) manage passwords with documents on their computer, while 45% just try to memorize them.
MFA on the rise
When it comes to sharing passwords, security measures aren’t any better – 38% use shared online documents, while 41% would simply share the passwords via email.
Should a threat actor get access to someone’s inbox or cloud hosting services, they could get their hands on important login credentials, further exacerbating the problem. On the other hand, the good news is that almost everyone (92%) uses multi-factor authentication (MFA), up from 88% a year ago.
Despite being declared dead on numerous occasions in the past, passwords are still one of the most popular authentication methods, both in the office and at home. People often use simple and easy-to-guess passwords (for example, “password”, or “12345678”), use the same passwords across multiple services, share them with their friends and family, or leave them lying around on slips of paper at their desks.
Having strong passwords that are frequently changed is inconvenient, which is why businesses are turning to password managers or passwordless solutions. Biometric authentication (fingerprint scanners, facial recognition software, and similar), as well as passkeys, are growing in popularity.
In fact, Bitwarden’s report claims roughly half of respondents deploy or have plans to deploy passwordless technology. Of that number, two-thirds (66%) have 1-2 user groups or multiple teams using passwordless technology and 13% have deployed to their entire organization, already.
“Our survey shows businesses are looking beyond passwords and desire new technologies that reflect passwordless workflows, which shouldn’t come as a surprise,” said Bitwarden CEO Michael Crandell.
“While strong and unique passwords are highly effective at safeguarding data, weak or re-used passwords that are not managed by an end-to-end encrypted password manager present serious vulnerabilities. The Bitwarden approach takes into account this evolution but also reflects that adoption timelines vary by company, technology, and end-user preference and that security remains the paramount goal for individuals and enterprises alike.”
