Eskenzi PR ad banner Eskenzi PR ad banner
  • About Us
Tuesday, 26 September, 2023
IT Security Guru
Eskenzi PR banner
  • Home
  • Features
  • Insight
  • Channel News
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Channel News
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
IT Security Guru
No Result
View All Result

Guest blog: The death throes of the password? Key takeaways from the One Identity Infosecurity Europe survey

by Guru's
August 2, 2022
in Editor's News, Guru's Picks, Opinions & Analysis
Guest blog: The death throes of the password? Key takeaways from the One Identity Infosecurity Europe survey

Password Protection Icon. Flat Design. Business Concept Isolated Illustration.

Share on FacebookShare on Twitter

By Dan Conrad, AD Security and Management Team Lead at One Identity

Authentication is one of the hottest topics in cybersecurity right now. As biometrics, MFA, and a range of other authentication methods continue to threaten the password’s supremacy, we thought it was worth finding out what industry professionals thought about it all.

So that’s what we did. At InfoSecurity Europe 2022, One Identity surveyed more than 100 security and IT professionals to get a picture of how businesses and their employees approach passwords and authentication.

When asked what they consider the biggest security threat to their business and 56 percent of respondents said they believed it to be users sharing passwords for admin tasks. If that isn’t an argument for passwordless authentication, we’re not sure what is. This was followed by 25 percent of respondents believing that the biggest security threat was users clicking on malicious links or opening rogue attachments. Collectively, this means that 80 percent of respondents believe that human error poses the largest threat to an organization’s security.

Interestingly, while the majority (62 percent) viewed educating staff as the most important factor in preventing cyber-attacks, a rapidly growing segment (30 percent) stated that adopting a zero-trust model was more important.

Moving on to multifactor authentication, we are met with some heartening statistics. 99 percent of respondents told us that their company had adopted MFA for remote access and 97 percent said that it was mandated. This confirms what we already knew – that the password as a standalone authentication method is obsolete.

When looking into users’ connections to passwords, we see some interesting results. While just over a quarter of respondents had an emotional connection to a password (28 percent), the majority said they had a favorite password (84 percent). We can infer from this that while most people don’t reuse passwords for sentimental reasons, they likely do for practical reasons. It is concerning that IT and security professionals, people who are more aware than anyone of the dangers of reusing passwords, persist in this bad habit.

This is yet another mark against the use of traditional passwords – if those in the know aren’t following best practices, how can we expect the layman to? The reality is modern users have so many accounts that it is no longer practical to create and remember a new password for everyone they set up. We’ll chalk this one up as another point in support of modern authentication methods, which eliminate these problems.

While it’s clear that users are reusing passwords, it turns out that most respondents are at least adding complexity to their passwords depending on a system’s importance (96 percent). Perhaps unsurprisingly, 76 percent saw banking or financial services as requiring a top tier password, but only 7 percent thought that work emails were deserving of the same protection. This may be an understandable perspective but doesn’t bode well for organizations that routinely share sensitive information through email.

Finally, we make it to how IT and security professionals are storing their passwords. Here, at least, we get some more heartening statistics:

  • 65 percent of respondents said they used passwords managers, which is generally regarded as the safest and most convenient way to keep passwords
  • 23 percent said they wrote their login details down somewhere, which, while not ideal, is safer than using one password across multiple accounts

We did, apparently, come across some cyber-savants claiming they could remember all their login details, but if anything, this suggests that they are reusing passwords for an alarming number of accounts.

The key takeaway here is that the password is on the way out. These results serve as further proof that traditional passwords by themselves are no longer fit for purpose – even leaders in the IT security space fail to follow best practices simply because it isn’t convenient. We’ve seen that businesses are implementing and mandating alternative authentication methods en masse, and it won’t be long before this trend trickles down to the rest of society.

 

FacebookTweetLinkedIn
Tags: CyberCyber Securitypassword
ShareTweet
Previous Post

Armis aims to improve financial services cyber resilience with UK Finance membership

Next Post

Taiwan Hit By Multiple DDoS Attacks Following Arrival of Pelosi

Recent News

CREST and IASME announce partnership with the NCSC to deliver Cyber Incident Exercising scheme

September 26, 2023
partnership

Cyberelements Partners with ABC Distribution Partners to Revolutionise Privileged Access Management in Europe

September 26, 2023
Adarma Names James Todd as Chief Technology Officer, Reinforcing Dedication to Security Operations Excellence

Adarma Names James Todd as Chief Technology Officer, Reinforcing Dedication to Security Operations Excellence

September 25, 2023
Nurturing Our Cyber Talent

Nurturing Our Cyber Talent

September 25, 2023

The IT Security Guru offers a daily news digest of all the best breaking IT security news stories first thing in the morning! Rather than you having to trawl through all the news feeds to find out what’s cooking, you can quickly get everything you need from this site!

Our Address: 10 London Mews, London, W2 1HY

Follow Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Channel News
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

This site uses functional cookies and external scripts to improve your experience.

Privacy settings

Privacy Settings / PENDING

This site uses functional cookies and external scripts to improve your experience. Which cookies and scripts are used and how they impact your visit is specified on the left. You may change your settings at any time. Your choices will not impact your visit.

NOTE: These settings will only apply to the browser and device you are currently using.

GDPR Compliance

Powered by Cookie Information