Password Fatigue
Thursday, March 28, 2019
password fatigue
Print Mail Download i

Everyone hates passwords. They are difficult to remember, and human nature is to re-use them across platforms, which is well-known to be a no-no. Managing passwords is time consuming, cumbersome and a pain. Which is why they continue to be a problem for security.

A recent research study sponsored by Yubico and conducted by Ponemon Institute entitled The 2019 State of Password and Authentication Security Behaviors Report surveyed 1,761 IT and IT security practitioners in four countries, in order “to understand the beliefs and behaviors surrounding password management and authentication practices for individuals both in the workplace and at home…to understand if these beliefs and behaviors align, and why or why not.”

The conclusion of the report is “that despite the increasing concern regarding privacy and protection online and a greater understanding of the best security practices, individuals and businesses are still falling short. Both parties are in dire need of solutions that will offer both added security and convenience.”

According to the report, respondents spend an average of 12.6 minutes each week or 10.9 hours per year entering and/or resetting passwords. I actually think that is a conservative number, based upon my own experience. The report states that this results in a productivity and labor loss of $5.2 million annually per company. That is a staggering statistic.

Until we can find a better method of authentication, passwords will continue to be a challenge, both personally and professionally. Nonetheless, they are incredibly important for security, and providing employees with tips on how to manage their passwords is still a valuable risk management strategy. I continue to maintain that the use of passphrases is a tip that employees can relate to and it is helpful to encourage the use of complex passwords in your organization.

The Yubico -Ponemon study confirms what we all know: users are sick and tired of passwords. Even so, providing employees with information about how important they are and how to pick a passphrase that makes sense to them is critical to protecting your company’s data.

Copyright © 2024 Robinson & Cole LLP. All rights reserved.

Current Legal Analysis

More from Robinson & Cole LLP

Department of Justice Criminal Division Announces Voluntary Self-Disclosure Pilot Program for Culpable Individuals
by: David E. Carney , Danielle H. Tangorre
FTC Votes to Finalize Rule Banning Non-Compete Agreements Nationwide
by: Ian T. Clarke-Fisher , Trevor L. Bradley
Cisco Releases Updates to Vulnerabilities in Firewall Platforms
by: Linn F. Freedman
USPTO Issues Guidance on Use of AI Based Tools
by: Daniel J. Lass
California Trap & Trace Class Actions on the Rise in the Age of Website Trackers
by: Kathryn M. Rattigan
Aid Package Signed by President Biden Includes Divestiture of TikTok Requirement
by: Linn F. Freedman
Privacy Tip #395 – GM Faces Class Action for Collecting + Disclosing Drivers’ Data Without Consent
by: Linn F. Freedman
AI, Government Contractors, and Employment Discrimination
by: Data Privacy & Cybersecurity Robinson Cole
Chicago’s Application of Parking Regulations Violates RLUIPA
by: Eden (Hunter) Yerby
The Department of Education Releases Significant Revisions to Title IX Regulations
by: Kathleen E. Dion , Seth B. Orkand

Upcoming Legal Education Events

 

NLR Logo

We collaborate with the world's leading lawyers to deliver news tailored for you. Sign Up to receive our free e-Newsbulletins

 

Sign Up for e-NewsBulletins