All computer related devices now come with a password protection facility to ensure data and information is kept safe, but a new study has revealed that many businesses may still be leaving themselves vulnerable to cyberattacks.
A study of 1,247 workplaces by VPNOverview.com, cybersecurity experts, found that two thirds of businesses (66%) leave themselves at risk of cyberattacks due to their lack of having (or enforcing) password rotation policies.
Of the companies that do have password rotation policies in place, 45% of employees confess that they didn’t know these policies actually existed.
A staggering 57% who did know about their company’s password protection policies revealed they do not adhere to them by regularly changing their password, and of those who do adhere, 63% will simply use the same passwords on rotation.
For the companies without password rotation policies, only 7% of employees bother to regularly rotate or change their passwords.
The main reasons workers cited for not changing their passwords were: they are worried they will forget their password (57%), regularly changing passwords is annoying (48%) and they don’t see the point (45%).
Surprisingly, the research also found that managers and `C-suite staff were more likely to not follow password rotation policies (38%), with entry level employees not far behind (34%).
The types of businesses leaving themselves most vulnerable to cyberattacks by not regularly rotating passwords are accountancy and finance (34%), construction (31%) and education (26%).
David Janssen, security researcher and founder at VPNOverview.com comments: “Password rotation is such a simple policy that both businesses and employees can put in place to safeguard and protect their work. Changing your password every 2-3 months is a really effective way to deter cyberattacks, and although yes, some may find it frustrating, it could save a lot of heart ache down the line.
“It was shocking to see that so many workers didn’t realise what the point in regularly changing their password is, and it’s clear from our research that companies and employees alike need to be educated on the importance of implementing policies such as these.”