This post is also available in: Danish

Sponsored: This article in published in collaboration with Uniqkey

---

Everybody hates passwords. They’re hard to manage. Easy to forget. And resetting them is a pain.

Because of this, employees use simple passwords for convenience’s sake. Considering that 81% of all cyberattacks leverage poor password security, passwords are now more than an annoyance – they’re a major security risk.

In 2022 alone, we have managed millions of passwords for our customers. Here are 4 things we’ve discovered that can help businesses combat password-related cybercrime.

1) We’re suffering from a password pandemic

We’re constantly creating accounts for new digital tools. While essential to our productivity, it’s also making us careless about our password security, as each new service forces us to create a new set of credentials.

This has led to a password pandemic, where everyone is losing control of their passwords. On average, employees in our system use around 100 passwords, split between personal and work. To handle this mess, we sacrifice security for convenience and pick passwords that are easy to remember. And this is making businesses extremely vulnerable.

2) More awareness ≠ better passwords

Companies know that weak employee passwords are a security risk. The go-to response is regular password changes, but this reduces security instead of improving it because people just make new variations of old passwords.

Another way is to educate employees via awareness campaigns. Despite good intentions, these efforts rarely make an impact. In fact, our data shows that employees’ security score (based on the hash value of their passwords) is equally low whether the customer has run awareness campaigns or not.

3) Restrictive security is doomed to fail

Another solution is restricting employees’ access to new software tools to reduce potential risks. But this approach is built to fail; employees are hired to produce, not protect.

Either it takes so long to get new software approved (we’ve seen examples of up to a year) that employees miss out on a tool that could boost their efficiency. Or worse, they use the tool anyways, increasing the number of unmanaged and potentially vulnerable services connected to the company. In fact, 80% of employees admit to already using unapproved business apps.

4) Employees: the strongest and weakest link

Here’s the truth: Employees don’t care about IT security. They know it’s important, but they won’t go out of their way to follow security best practices if it means sacrificing productivity. Companies can try to fight this – and fail – or see it as an opportunity.

Most cyberattacks capitalize on the misstep of employees. If we give employees business-enabling security tools that are easy to use, they can – instead of being a concern – become a proactive force and form the foundation for a strong cyberdefense.

---

About Uniqkey

Uniqkey helps companies reduce data breaches by automating password use at work and making it easy for the IT department to protect the company’s digital presence.

---