The report on the use of passwords in 30,000 businesses that use the company's password management software found that while 91% of employees understood the downside of re-using passwords, 61% still did so.
The security implications of passwords was underlined by the simple statistic that a single stolen password could compromise an entire organisation.
Apart from the number of passwords that were used by individual employees, businesses now faced a new problem: many of the cloud apps used by workers were not controlled by the IT department.
The report estimated that the average organisation with 250 employees would have about 47,750 passwords in use. Each employee had to keep track of something like 191 passwords, though standard industry reports claimed something in the region of 27.
The disparity between these numbers was explained in the report by pointing out that people often under-estimated how many accounts they had, and asking:
- "If you’re a marketer, how many advertising and analytics platforms are you using?
- "If you’re a systems administrator, how many servers are you managing?
- "If you’re a sales representative, how many demo accounts are you setting up?"
Given that most employees started out with about 20 passwords and doubled that number by the end of three months, the report said it not surprising that the same, or similar, passwords were used again and again.
It estimated that about 36 minutes was wasted each month by employees typing in passwords.