Most employees still regularly write job-related passwords on sticky notes, exposing them to the risk of cyber attacks, a new study has warned.
The cavalier attitude towards passwords was revealed as part of a survey commissioned by Keeper Security, the manufacturers of Keeper password managers, based on interviews with thousands of employees from the USA.
Worryingly, 57% of respondents say they have written job-related passwords on sticky notes, a significant majority (67%) also admit that they lose track at some point.
We watch as our readers use a VPN for an upcoming detailed report. We would love to hear your thoughts in the survey below. You will not need more than 60 seconds of your time.
>> Click here to start the survey in a new window
Keeper suggests that the trend of recording passwords on paper seems to have accelerated in the work environment after remote access to Covid-19. The survey found that two-thirds (66%) of respondents agree that they are more likely to write down job-related passwords when working from home than while working in the office.
Poor password management
Despite the wide availability of password managers, most respondents still keep the password unencrypted even when storing it digitally.
The report contains some evidence of such bad password protection practices. For example, 49% of respondents store job-related passwords in an unencrypted cloud document. A larger number (51%) simply put the password in a document stored on their computers.
Still, the most popular digital means of storing a password is the phone, and 55% of respondents chose to record passwords related to a job on a device that is easy to break into or be stolen.
On top of that, passwords are usually weak and easy to guess, with 37% of respondents using their employer’s name, another’s name, or birthday in a job-related password.
Another example of poor password management is that 44% of employees admit to using the same password for both personal and work accounts.
And they are not just employees. The survey reveals that often bad password management practices extend from the top.
Nearly half of respondents (46%) report that their company encourages the sharing of passwords for accounts used by multiple people.
Furthermore, about 32% admitted access to an online account belonging to a previous employer, which is a clear indication that many employers do not disable accounts when employees leave the company.
“The move to a remote work environment has led to even more reckless password management practices, which is very worrying,” said Darren Guccione, CEO and co-founder of Keeper Security.
“As most employees work from the comfort of their homes, they have become too comfortable creating, storing and then sharing these passwords with family and colleagues. Lack of cyber security hygiene not only puts an individual at risk, but can also have a wide range of negative consequences for their It is important to remember that adhering to appropriate safety guidelines in the work environment is just as important as in the office environment. “