Today, password management solution provider LastPass released “The 2018 Global Password Security Report.” The report analyzed and ranked 43,000 enterprises spanning industries, verticals, and sizes that incorporate the LastPass business password manager in their security policies. LastPass’ goal is to get a better understanding of modern password practices.
To standardize the data they compiled, LastPass gave each enterprise a security score ranging from 0 (Poor) to 100 (Exceptional). These scores are based on criteria such as the number of duplicate passwords, multifactor authentication, and the average strength of each password in the organization.
Here are some of the key findings from the 2018 Global Password Security Report by LastPass:
- The average security score was 52 (Fair), indicating enterprises are only performing the minimum of password security.
- The average password security score decreased as enterprises scale upwards. Enterprises with 25 or fewer employees had an average score of 50, while those with over 500 employees had an average score of 46.
- As industries, Retail, Manufacturing, and Insurance had the lowest password security scores on average (48, 48, and 47 respectively). Technology and Software as an industry had the highest average with 53.
- 45% of enterprises are using multifactor authentication, an increase from 2017’s 24.5%. Small enterprises have embraced MFA more thoroughly than large enterprises.
Ultimately, LastPass believes some enterprises are excelling in password security, but many are still suffering from password duplication and weak passwords. Enterprises appear to be struggling far more overall with password security than SMBs. LastPass speculates that enterprises are often more constrained by competing priorities and bureaucratic red tape than SMBs.
You can read LastPass’ 2018 Global Password Security Report in full here.
Latest posts by Ben Canner (see all)
- 2020 Vendors to Know: Identity Governance - July 9, 2020
- 2020 Vendors to Know: Privileged Access Management - July 7, 2020
- 3 Authentication Myths to Avoid In Your Identity Management - July 1, 2020