Bad password management costs businesses up to £130,000 and a year in lost productivity.
According to research by Centrify, of 2,000 UK and US participants, it found that the average employee wastes £261 a year in company time on trying to manage multiple passwords, which for a company with 500 staff is a loss of more than £130,000 a year.
Barry Scott, EMEA chief technology officer for Centrify, told IT Security Guru that the concept was to study attitudes to passwords and, from a commercial aspect, the cost to business. “We wanted to see how coping with passwords was working for people and the cost to productivity,” he said. “The average UK employee wastes £260 a year managing passwords, and this needs to be addressed.
“It is more about how people are getting on, and the cross over between business and personal lives exacerbates the problem as if bad password management creeps into the work life it can be expensive.”
The survey found that 38 per cent have accounts they cannot get into any more because they cannot remember the password, while 28 per cent get locked out at least once a month due to multiple incorrect password entries.
Scott said: “According to our survey, over a quarter of us now enter a password online more than ten times a day, which could mean 3,500 to 4,000 times a year. This is becoming a real challenge for employers who need to manage security and privacy concerns, and for employees who are costing their companies time and money.
“Passwords have got to go. We have been using them for thousands of years and bad habits of writing them down and using personal information in the password are common. Also, people avoid using symbols so everyone is guilty of it.”
Scott said that it is not just lost productivity; it is putting a company at risk with the explosion of SaaS solutions requiring more logins. “We would advocate that people use federated authentication for a trusted identity,” he said.
“We move towards one set of credentials for devices using SaaS, which helps for productivity but improves the security stance as you can delete you account when you leave.”
With nearly half (42 per cent) of respondents creating at least one new account profile every week – more than 50 a year – the problem with password management will get worse. The survey found that 14 per cent believe they will have 100+ passwords to deal with in the next five years.
Scott said: “When you see these statistics, then it makes you realise it is real. Or when you hear someone on the phone reading out details on the credit card out loud, you realise it is true. We need to educate people that even close family doesn’t need to know your passwords and you need them to be more complex.”
Andy Kellett, senior security analyst at Ovum, said: “With today’s workforce also using social media and flexible remote tools and applications, we need to empower them to do this by allowing them to have more ownership of their identities and incorporate better, more balanced, security measures that also improve productivity.”