- Monroe Horn
Bad News on the Business Password Front
The subhead on a recent article on password management is not at all promising: "Employees are more concerned with safeguarding their personal accounts that their business ones."
The issue becomes even more concerning when you consider how many "work" passwords employees have to manage these days. I may have more than most, but I'm up to 50 in my password vault for TransformITy.
Gone are the days when users had just one "work" password they used to log into the company network. Now, users may have passwords for all sorts of online services. Banks, purchasing websites, technical support sites, and cloud services sites all require passwords that must be managed by employees.
Given this complexity what do they do? In many cases they just use the same (weak) password for everything. Even worse, that password might be the same password they use in their personal life. In other cases, where they use different passwords, they might write them down on post-it notes that, we hope, aren't also stuck on their desktop monitors or keep them in plain text in a Word document.
While it is easy to say that employees should better manage their passwords, it is also incumbent on employers to help them. If work password management is so important--and it is--companies should do everything they can to help users shoulder the burden.
So what relatively simple things can companies do:
Work to educate users about the importance of securing their passwords (both home and work). You can't make people care, but you can help them to understand the need for security.
Reduce the number the number of passwords employees need to manage through the use of an SSO solution like Okta. Okta has the ability to vastly reduce the number of passwords each employee needs to manage while, at the same time, also reducing the number of times they need to sign in using individual passwords.
Make it easier for employees to manage their passwords by providing a password management application like LastPass. In addition to making it easier for people to manage their many work passwords, LastPass provides the ability to selectively share passwords so that they need to be managed in only one place. As important, it provides the ability for administrators to remove access to those passwords if an employee leaves the organization.
For the full article on password management at work, click here.