Tragic mistake: Companies think passwords are plenty safe

Two desks on a business trading floor, one with computer monitor displaying 'Password Protected.'
(Image credit: Rawpixel.com/Shutterstock)

It's well known that passwords are weaker than other security methods, but that isn't stopping organisations from using them. 

According to new research from Thales Group, 41% of US and Brazilian IT security professionals believe that passwords are still effective for access management, regardless of security worries.

Thales says the majority of 300 survey respondents are planning to "expand the use of usernames and passwords, even though the limitations could pose strong security challenges".

Security is a balancing act 

The report also quizzed IT decision makers on common cyberattack targets. Most respondents (68%) said unprotected infrastructure was a major cyber attack target, followed by cloud apps (58%) and web portals (52%).

Thales found that IT departments are having to balance security and convenience due to an increase in remote working following the coronavirus pandemic. 

"The recent explosion of the remote work environment brought on by the Covid-19 global pandemic has forced IT departments into a tug-of-war between security and convenience at a time when risks are at their highest," wrote the firm in a media release.

Nearly all respondents (94%) said their access-management security policies were "influenced by breaches", but over half (58%) of IT departments were letting employees access corporate resources via social-media accounts.

Worryingly, 28% of respondents said that social-media logins were "one of the best tools for protecting cloud and web-based authentication".

What's more, respondents said the adoption of access-management solutions was largely driven by security concerns (88%) or the potential of falling victim to large-scale breaches (84%).

Securing organisations

The survey also explored how increased cloud adoption is resulting in "further complexity" for organisations, with 97% of respondents expecting problems if their organisations don't take steps to secure applications. 

When it comes to access management, two-factor authentication (66%), smart single-sign-on (43%) and biometric authentication (39%) were seen as the best methods for securing cloud and web apps. 

Although many organisations are still heavily relying on passwords, the vast majority of participants (95%) indicated that they have adopted multi-factor authentication techniques. 

But only 15% said they had a dedicated multi-factor authentication tool, and while smart single-sign-on was the least popular method for access management (59%), 26% were planning to adopt it this year and 86% planned to expand use of it. 

"Innovation in access security allows us to overcome the reliance on passwords, which are proven to be insufficient in protecting data," said Francois Lasnier, vice president for Access Management solutions at Thales. 

"Organizations that utilize cloud-based access and passwordless authentication to scale secure cloud adoption will be able to meet the increased need for improved security, especially at a time when access control is critical for today's remote workforce. 

"The elimination of username and passwords as a sole method of authentication and broader use of smart single-sign-on will result in a greater level of security and convenience as more and more applications are delivered from outside the security perimeter." 

TOPICS

Nicholas Fearn is a freelance technology journalist and copywriter from the Welsh valleys. His work has appeared in publications such as the FT, the Independent, the Daily Telegraph, The Next Web, T3, Android Central, Computer Weekly, and many others. He also happens to be a diehard Mariah Carey fan!

Latest in Online Security
A person on a laptop converting a PDF to a DOC
FBI issues warning over free online file converters that infect your PC with malware
A hacker typing quickly on a keyboard
New MassJacker malware is hijacking digital wallets to steal large sums from users
A woman using her laptop securely with a cup of coffee in hand
5 common mistakes people make when shopping for antivirus software
Windows
240 million Windows 10 users are vulnerable to six different hacker exploits — protect yourself now
Victims of Identity Theft
FTC says Americans lost $12 billion to scams last year and these were the worst ones — here's how to stay safe
Apple iPhone 16 Plus Review.
Apple just released an emergency security update for a flaw used in an ‘extremely sophisticated attack’ — update your devices right now
Latest in News
A person on a laptop converting a PDF to a DOC
FBI issues warning over free online file converters that infect your PC with malware
The Find my People feature
Android Find My can now track your friends and family — here's how to use it
Foldable iPhone concept image
Are you sitting down? Here’s what the foldable iPhone could cost
Samsung HW-Q990D soundbar
Samsung’s flagship 2024 soundbar just got bricked by a new firmware update — don’t update
A hacker typing quickly on a keyboard
New MassJacker malware is hijacking digital wallets to steal large sums from users
Owen Cooper as Jamie Miller in Adolescence
'Adolescence' is a gripping new Netflix show that's already hit No. 1 — and it’s 100% on Rotten Tomatoes