The Password Hygiene Problem in the Human Resources Industry
It seems that everyone on the planet knows that “123456” and “password” are about the worst passwords anyone could have. Also, you’d expect most people to know that using any personally identifiable information in a password is a hard no. Well, then you’d be somewhat surprised to find out that “12345”, “password”, and company names are among the top passwords used by professionals working in the Human Resources industry. Today, we’re taking a deep dive into how people in the Human Resources sector treat their passwords.
The problem with weak passwords and why we still use them
Put plainly, the problem with weak passwords is that they present no challenge to a hacker trying to gain unauthorized access to your online accounts. In most instances, short and simple passwords can be cracked in less than a second. And, in today’s world, having a single online account hacked could have devastating consequences — this is especially true when we talk about corporate accounts.
Often, it’s our laziness and wish to avoid the anxious and frustrating experience of forgetting passwords that make us choose simple and easy-to-remember passwords. The Ponemon Institute reports that, today, 53% of people still rely on their memory to manage passwords. The same report notes that 66% of computer users think it is essential to protect work passwords, and 63% feel the same way about passwords used on personal devices. Yet, on average, a single password is used to access five accounts. These findings are the perfect example highlighting the fact that most of us realize the importance of password security but do little to actually improve our habits.
However, in the age of data breaches, weak passwords are no longer a viable option, and users must move towards making strong passwords work for them.
Poor password habits in the Human Resources industry
Owing to the nature of their work, Human Resources employees must be acutely aware of the way they treat their passwords. After all, their passwords often secure a whole lot of personal records and other sensitive corporate data. Unfortunately, not everyone in Human Resources takes password security as seriously as they should.
Recently, we took an in-depth look at password habits within Fortune 500 companies. We categorized the results into different industries and discovered that, in general, even the largest companies in the world still find password security a challenge.
When it comes to password habits within the Human Resources industry, our study found that, while people in the Human Resources sector had the highest Unique Password Percentile (UPP), standing at 31%, they still resorted to using passwords that could be cracked in just a few minutes or less. Interestingly, password choices within the Human Resources sector were similar to those of the Hospitality and Real Estate industries. Employees across these industries frequently used their company’s name or its variation to secure corporate accounts. Another similarity between these industries is that “password” and “123456” ranked at the top of the list of used passwords. You can see the most popular password used in the HR sector here:
One of the most concerning things about the passwords that appear on the list is the fact that most of them would be extremely easy to crack or even outright guess for even a mediocre hacker. Most of the passwords — for instance, “linkedin” or “Company name123” — are directly related to the company or industry, which makes them extremely weak.
Password security can be easy
Most people understand the need for secure passwords and even take steps to use them to ensure the security of corporate as well as personal online accounts. However, the main issues that most of the people in HR as well as other industries face is the difficulty to remember and manage multiple passwords. And, if employees are constantly distracted by difficulties logging in to their accounts and the need to repeatedly reset passwords, it is unsurprising that most revert to old and poor password habits.
The easiest way to counter the issues of password management is by adopting a password management solution. Password managers such as NordPass provide a single secure place for you to store, access, and manage your passwords with ease. Such tools also offer a way to generate strong and complex passwords on the go and make logging in to your frequently used accounts quickly thanks to features such as autosave and autofill.
If you are interested in acquiring a corporate password manager, do not hesitate to contact our sales representative to schedule a demo call and learn how NordPass can boost your company’s security posture.