Password fatigue is a real phenomenon and refers to the exhaustion and inability to handle passwords and access. Our colleagues’ brains are tired and while they are dozing, hackers are already preparing for an attack. So how do we wake them up?
By December at the latest, it’s hit us – the winter blues is setting in … What’s more, sleepy password handling is commonplace in companies throughout the year. Did you know that an employee spends an average of ten hours in a working year entering passwords? Doesn’t sound like much? But it costs! In fact, it costs companies up to $52 million. What’s more, the sheer number of passwords to manage and protect can lead to internal security failures and cost companies even more if a cyberattack occurs.
What is Password Fatigue?
Employees have become password fatigued. It’s no wonder, considering how much time they spend thinking up a new password, searching for a safe haven for it, they can’t find it themselves, resetting it, and on and on … Add to that dozens of applications that want to be managed. It borders on utopia to leave the employee alone with the password management …
Undesirable side effects of password policies
Now, a good doctor cures the cause and not the symptoms. Simply presenting employees with rules like “one complex password per application” and a “minimum of special characters and digits” only increases the likelihood of them falling victim to password fatigue. And recommendations to use rather memorable passwords in order to be able to remember them all completely miss the point of IT security.
After all, passwords should never be memorable, as this correlates with the approach of making them as complex, long, impersonal and unpredictable as possible. The solution: passwords should be secret – preferably even from the person who uses them! Because a password that the employee does not know in plain text cannot be revealed – whether intentionally or by mistake is irrelevant here.
Remedy with secret passwords
With a password manager, highly complex passwords are automatically created. In addition, employees are freed from manual entry by the automatic transmission of the hidden password when logging in via add-on. In addition, they are also protected from being legally prosecuted should a security incident occur. This is because in Password Safe it is possible to regulate exactly who is allowed to reveal a particular password and, if this is possible when they were allowed to see it and for what purpose. So if you want to cure password fatigue in your company as quickly as possible as well as in the long term, you’d better turn to a proven password management solution.
Get to know how to implement good password hygiene here.