• Skip to primary navigation
  • Skip to main content
  • Skip to footer
Logo of Agilient Security Consultants, Australia

Agilient Security Consultants Australia

Cybersecurity & Risk Management Specialists

Menu
  • Home
  • Industries
      • Aviation
      • Defence & Defence Industry
      • Government
      • Health & Hospitals
      • Corrections and Detention
      • Maritime
      • Aged Care Facilities
      • Mining, Oil & Gas
      • Public Venues & Events
      • Rail
      • Research and Education Industry
      • Telecommunications
      • Utilities
    • advice-colleagues-communication-newIndustries
  • Services
      • Cybersecurity
      • Protective Security
      • Business Resilience
      • Building Security Consultants
      • Security Audits
      • Pandemic Planning
      • Electronic Security
      • IT Disaster Recovery Plan
      • Security Consultants
      • CCTV and Security Cameras
      • Duress Alarms
      • Security Risk Assessment Consultants
      • Managed Security Service Provider
      • Protection against Vehicles as a Weapon
    • training-1Services
  • Solutions
    • banner-menuUnisys Solutions
    • CTO-Blog-110619-Header-GraphicLookingGlass Solutions
    • menu-bg-2Dell Technologies (RSA) Solutions
    • Sightline-Visualization-menuSightline Solutions
  • Resources
    • menumanagers-dealing-customer-agreTraining
    • working-together-newJoin The Tribe
    • Webinars_3-1.jpgUpcoming and Past Events
    • hacking-detected-shutterstock_newResources
  • Articles
  • About
    • About Us
      We are an Australian owned and operated security company specialising in risk, cybersecurity, protective security, crisis and business continuity management services.
    • frequently-asked-questions-smallFAQ’s
    • bg-menu-government-institutionsConsultant Registration
  • Contact Us
Contact Us

Yubico 2019 State of Password and Authentication Report

You are here: Home / Security News / Yubico 2019 State of Password and Authentication Report

Password authentication has become part of regular life for many individuals who use digital devices on a daily basis. Whether it be inputting a code to unlock their phone, or logging into their computers at the start of the day at work, passwords are quite literally the key to our personal and professional lives. With that in mind, how many individuals and organisations take their password security seriously enough? One password breach could have a significant impact on an organisation or individual. phishing

Yubico, a hardware authentication device company, recently released their 2019 State of Password and Authentication Security Behaviours Report. The research was conducted by the Ponemon Institute and surveyed almost 1,800 IT and IT security professionals in the United States, United Kingdom, Germany and France. The study is conducted annually to understand the current state of password management and authentication beliefs and behaviours.

One metric that the report studied was the perceptions that IT professionals have about managing passwords in the workplace. 66% of respondents believe that it is important to protect passwords that are used in the workplace and 63% believe the same for their personal devices. Despite this, 55% reported that it is difficult to manage their passwords. 56% reported that they would be happy if they could log into online accounts without a password, and 57% would like a method to protect their identity that doesn’t involve the use of passwords (i.e. biometrics, hardware key).

Privacy concerns have been reportedly increasing, with 63% of respondents saying that in the last two years they have become more concerned about the privacy and security of their personal data. The number one reason given for this was government surveillance at 59%, with the second being increased usage of mobile devices such as smartphones and tablets at 51%.

The report also endeavoured to bring poor password habits to light. 69% of respondents admitted to sharing passwords with colleagues. More than half (51%) of the respondents also admitted to reusing passwords across any of their business and/or personal accounts. 51% say they have experienced a phishing attack in their personal life while 44% have experienced a phishing attack at work. Phishing puts the organisation and/or individual at extreme risk of data theft and ransomware. Despite this alarming figure, 57% of respondents who have experienced a phishing attack have not changed their password habits. Of the 43% that did change their password habits, 47% now use stronger passwords, 43% change them more frequently and 41% have started using multi-factor authentication where possible.

The report found that on average respondents spend 12.6 minutes, or 10.9 hours per year entering and/or resetting passwords. Based on this and the average headcount of 15,000 people per organisation, the researchers estimate that password management and inputting is costing organisations an average of US$5.2 million per year.

If you’d like to read more into the details of each finding, you can download the PDF here (account required, report is free to download).

The report shows that password habits in the personal and professional lives of individuals has significant room for improvement. As malicious actors steer their efforts towards targeted attacks such as phishing, the authentication habits of an organisation’s employees must be addressed. Many organisations are suffering from ransomware and phishing attacks primary because of poor training and education. The losses that stem from the cumbersome task of password entering and resetting could be offset by investing in training and implementing password management applications. These password management applications aid IT administrators in ensuring that the passwords used within their organisation are strong, unique and securely stored. They also take away the hassle of entering in a password every time, as most password managers will automatically insert login credentials. Training also encourages the use of multi-factor authentication which drastically improves security and reduces the chance of malicious actors gaining access to accounts, even if the password is compromised via data breach. Yubico is a company that specialises in hardware multi-factor authentication (MFA) technologies where by using a physical hardware key, users do not have to use their phones for MFA.

If you or your organisation has experienced a password breach, or feel that password security in your organisation could be improved, Contact Us today to learn more about how our experienced consultants can help your organisation remain secure from today’s threats, and be sure to follow our LinkedIn page for the latest security updates.

Author: Jack Schofield, Agilient Consultant

Tweet
Share

General,  Security News 2019 State of Password and Authentication Security Behaviours Report,  cybersecurity,  multi-factor authentification,  password authentification,  phishing,  ransomware,  Yubico

Looking for a security partner? Get in touch with Agilient.

Looking for practical and cost-effective security and risk solutions for your government department, agency or company? Speak with Australia’s leading senior security, risk and resilience experts.


Looking for a pandemic planning partner? Get in touch with Agilient.

Looking for practical and cost-effective risk management solutions for your government department, agency or company? Speak with Australia’s leading senior risk and emergency management experts.



Footer

Agilient is a proud member of

Ai Group Defence Council
Australian Industry & Defence Network
Australian Security Industry Association
Sydney Aerospace & Defence Interest Group

Company and Licensing Details:

ABN: 37 157 911 441
NSW Security Master Licence # 410783087
ACT Security Master Licence # 17502184
Vic Security Registration # 878-460-40S
Qld Security Firm Licence # 3834422

Join The Tribe

Sign up to receive our regular Agilient newsletter including the latest security, risk and resilience updates

Sign up now

Copyright © 2022 Agilient – Level 14, 275 Alfred St, North Sydney NSW 2060 Australia – 1300 341 692