Bad Cyber Hygiene: 54% Of Employees Admit They Use the Same Passwords Across Multiple Work Accounts

Users Use Same PasswordsIt appears that working from home causes employees to develop some very bad cyber habits, demonstrating that cybersecurity hygiene went from bad to worse mid-pandemic.

We’d like to think we’re just as secure while working from home. But a new survey from 2FA vendor Yubico of 3,000 employees, business owners, and C-level execs across the UK, France and Germany shows some disturbing cyber hygiene trends while working from home.

According to the data, employees of all levels within the organization have been putting the business at risk:

  • 54% of employees admitted that they use the same passwords across multiple work accounts
  • 41% of business owners and 32% of C-level executives still remember passwords by writing them down
  • 42% of users are using their work devices for personal use
  • 44% of business owners and 39% of C-level executives said they perform personal tasks while on a work device at home
  • Only 55% are more vigilant about cybersecurity while working from home

And the most shocking…

  • 60% of employees say that they aren’t responsible for cybersecurity and that IT should handle all defenses

It’s this last one that really gets me. Organizations must establish a culture of cybersecurity to some degree, engaging employees to participate in the org’s security stance. The largest (and easiest) role a user can play is by putting Security Awareness Training to practical use every day – that includes both improving cyber hygiene as well as being more cautious when interacting with email and the web. With the expectation that more phishing attacks are coming, it’s critical to put the user in place as a line of defense today. This will result in a far more secure user, environment and organization.

Are your user’s passwords…P@ssw0rd?

Employees are the weakest link in network security, using weak passwords and falling for phishing and social engineering attacks. KnowBe4’s complimentary Weak Password Test (WPT) checks your Active Directory for several different types of weak password related threats.

wpt02Here's how it works:

  • Reports on the accounts that are affected
  • Tests against 10 types of weak password related threats
  • Does not show/report on the actual passwords of accounts
  • Just download the install and run it
  • Results in a few minutes!

Check Your Passwords

PS: Don't like to click on redirected buttons? Cut & Paste this link in your browser:

Subscribe To Our Blog

Cybersecurity Awareness Month Resource Kit

Get the latest about social engineering

Subscribe to CyberheistNews