LastPass Survey: Password Behavior Stagnates Despite Awareness

password behavior Sandor Palfy LogMeIn

Password manager solution provider and LogMeIn trademarked company LastPass released the results of their new global survey via an ebook entitled “Psychology of Passwords: Neglect is Helping Hackers Win.” The survey polled 2,000 users across the United States, Europe, and Australia.  Among their surprising and concerning findings, perhaps the most telling is that increased knowledge of security best practices doesn’t necessarily result in better employee password behavior.

Despite the continual deluge of headlines about data breaches and enterprise hacks and the increasing awareness of cybersecurity best practices, LastPass discovered a noticeable stagnation in password behavior over the past two years.

Here are some key findings from the “Psychology of Passwords: Neglect is Helping Hackers Win” e-book:

  • 91% of users know that using the same password is a security risk.
  • 59% continue to do so anyway.
  • 53% haven’t changed their passwords despite hearing of a data breach within the past 12 months.
  • 61% explain their password behavior stems from a fear of forgetting their passwords.
  • 50% say they are motivated by wanting to be able to control all of their passwords.
  • 79% say they have anywhere between 1 and 20 online accounts, both for work and for personal use.
  • 62% use the same passwords for work and for personal use.
  • 88% said that password hacking is a serious cybersecurity threat.
  • 69% are fearful when they hear news of password hacking.

In a statement, Sandor Palfy, CTO of Identity and Access Management at LogMeIn, said: “The cyber threats facing consumers and businesses are becoming more targeted and successful, yet there remains a clear disconnect in users’ password beliefs and their willingness to take action. Individuals seem to understand password best practices, but often exhibit password behaviors that can expose their information to threat actors.”

This news is relevant to enterprises it confirms that employee password behaviors affect their overall security—the reuse of passwords and the use of personal passwords in professional settings can put your databases at risk. Identity and access management solutions can help your employees implement better password behaviors, including password rotation and single sign-on. The stakes have never been higher: the average total cost of a data breach was $3.62 million in 2017.

You can read LastPass’ full ebook “Psychology of Passwords: Neglect is Helping Hackers Win” here.

Ben Canner

Ben Canner is an enterprise technology writer and analyst covering Identity Management, SIEM, Endpoint Protection, and Cybersecurity writ large. He holds a Bachelor of Arts Degree in English from Clark University in Worcester, MA. He previously worked as a corporate blogger and ghost writer. You can reach him via Twitter and LinkedIn.
Ben Canner