Centrify survey finds 38 per cent don’t use passwords on devices accessing work data; One in four commit cardinal sin of using same password whenever possible
A Centrify-sponsored survey reveals that companies lose more than US$420 of productivity annually per employee due to workers grappling with passwords; a loss equivalent to giving each employee two new iPhone 6’s every year.
For a company with 500 staffers, the loss is equivalent to nearly US$210,000 per year in productivity.
The survey was conducted by Widmeyer and sponsored by Centrify Corporation, the leader in unified identity management across cloud, mobile and data centre.
The survey also found that nearly one-third of sampled workers enter more than 4000 passwords a year while accessing applications, wasting about 24 hours annually in the process.
And while half of the respondents wrongly believe they have five or fewer online profiles, 37 per cent actually create more than 50 new account profiles annually.
What’s more, employees’ poor password habits put their employers at risk, as nearly half of respondents use their personal devices for business purposes, and more than one-in-three do not use passwords on those devices, even though many keep office email, confidential documents, customer contact info, and budget information on them.
These findings underscore a real need for a better approach to passwords, and beg the question: Can companies afford the double-whammy of security risk alongside the gouge in productivity?
“The results show that employees, regardless of how often they’re warned of the dangers to their data, opt for convenience over security,” said Jon Oltsik, senior principle analyst at ESG. “Between employees’ lack of diligent password use and their loss of productivity, it has never been more clear that the time has come for companies to move beyond relying on passwords for protecting their applications and data.”
The survey results further showcase the need to improve the way we engage with passwords:
- While 53 per cent of workers sampled say it’s completely their responsibility to keep the work data on their personal device safe, more than one third (38 per cent) still don’t use passwords to protect their devices.
- People have very little faith in the absolute security of their passwords, as only 12 per cent of respondents believe their passwords are very secure.
- People find forgetting passwords more annoying than misplaced keys, dead cell phone batteries and spam email.
“I think most would agree that passwords are broken, but it’s shocking when you quantify the magnitude of what passwords are costing organisations from both an efficiency and effectivity standpoint,” noted Centrify CEO Tom Kemp.
“This underscores the demand for a better approach, whether that’s unified identity management with benefits like single sign-on and multi-factor identification for corporations, or new types of encryption systems for public websites. There are more reliable options available than ever before, so we should be asking ourselves what it’s going to take to make the move to better systems. Bottom line, it’s time to kill passwords.”
When asked how they remember account profile passwords, respondents confessed to the following top three password crimes:
- One in four admit to the cardinal sin of using the same password whenever possible
- Keeping a hand-written master book of passwords (29 per cent)
- Rotating through a variety of similar passwords (30 per cent)
The Widmeyer survey was developed to assess people’s engagement with, and perception of, passwords, in order to determine their efficacy in the workplace. The survey was completed in September 2014 with more than 1000 participants in North America and 1000 in the UK. Results were similar across both regions.
To download the full report, please visit: http://www.centrify.com/Password-Survey
