ISDecisions.com

Language: EN | FR

The Insider Threat Security Manifesto Beating the threat from within

How prolific is password sharing?

We also asked when IT professionals believe their users are most likely to share passwords. The most popular answer (given by 25%) was, quite simply, when a colleague asks for it.

This highlights that the problem of password sharing is more than a technology issue; it is a behavioural issue. If 25% of UK and US office workers just need to be asked by a colleague to give up their password, anyone wishing to use social engineering to gain network access they should not have will not have to try very hard.

Just behind this answer, stated by 24.6%, was ‘when delegating work’. This links to the issues raised earlier of users believing password sharing is necessary, and senior staff giving out their passwords in order to delegate.

The conservative average estimate of just under a fifth of employees sharing passwords is a significant problem, and one that you would expect IT professionals to want to address. Understanding why people share passwords is a key part of doing that,

as we’ve highlighted it is a behavioural issue as well as a technology issue that must be approached from both sides. That means educating people about the dangers of password sharing, but using technology to help people adhere to the policies too, as there will always be people who will try to break the rules.

Manifesto

Limit network access to working hours or specific session times to help ensure the logged in user is who they say they are

Careless user