Multi-use passwords as a risk factor
Password vulnerability: According to a survey, 64% of employees use their passwords more than once
14. November 2022
Awareness training for employees on password security is enough - or not?
Heise online presents in a recent article the results of a survey of > 3500 employees conducted by the password safe provider Last Pass. The results are alarming: Almost 2/3 of the respondents have a very weak password security, because they use their passwords multiple times across different applications. Brute-force attacks on weak passwords are one of the most common threats, so this kind of handling is virtually an open door for successful cyber attacks on them.
So how does this seemingly careless handling come about? One reason is certainly that more and more applications and processes are being mapped digitally in everyday business life, resulting in a high number of required logins. If, in the best case, multi-factor authentication is also required for each application, the effort involved is enormous. No wonder, then, that employees tend to use the same or similar passwords and do not set up multi-factor authentication.
Successfully fend off cyberattacks on login processes.
A step towards secure passwords can thus initially be taken over by a password manager to avoid passwords that are used more than once. Nevertheless, the typical weak points in the security of classic login processes still remain open:
- Manual login management by employees is vulnerable to phishing & social engineering tactics.
- Lack of transparency and control of password strength and access permissions for various applications
- Manual rights management for employee entry and exit is prone to errors
To safeguard against these vulnerabilities, a strong identity and access management strategy should be a fundamental part of any cybersecurity strategy. Core factors of a strong IAM strategy are the creation of transparency of all processes, the management of all digital identities as well as their access regulations via a central location, and the integration of secure multi-factor authentication. To avoid standalone operation and the enormously high effort associated with it, ready-made solutions can be called in. With Bare.ID, this is exactly where a secure cloud IAM solution was developed on the German market.
- Fend off social engineering & phishing in a targeted manner: Bare.ID offers a central, cross-application single sign-on as well as user-friendly multi-factor authentication procedures incl. "Passwordless Login".
- Significantly reduced effort with increased flexibility and security: Fast, uncomplicated integration of SaaS, simple setup and central management via a user-friendly admin interface
- Best prepared for reporting & audits: Role-based access control, audit logs and event alerts create transparency
- Guaranteed data security and digital sovereignty: Hosting, development and support exclusively in and from Germany
Want to learn more about Bare.ID? Our team of experts is on hand with experience and will be happy to advise you on how our solution can fit into your IT environment. Simply arrange a no-obligation consultation appointment via our contact form and our team will get back to you as soon as possible.
EU NIS 2 – Why All Industries Should Take Action Now
EU NIS 2 - What's Changing and Why Should All Industries Take Action Now?
Foundation of Bare.ID GmbH
Bundling of competencies in the cybersecurity sector: AOE founds Bare.ID
Trend Study: The Relevance of IAM in the SME Environment
What role does an Identity and Access Management solution play in small and medium-sized businesses in Germany?
Get in touch
Request a non-binding consultation now and discover how Bare.ID can be integrated into your IT environment.
Sign up for our newsletter to stay updated.
Bare.ID represents user-friendly Identity & Access Management in the cloud. With Bare.ID, digital business processes and applications can be connected to a local user directory, benefiting from centralized security and Single Sign-On. Whether On-Premise, Hybrid, or Cloud, Bare.ID offers a multitude of pre-configured integrations. 100% security, Made in Germany.
Bare.ID's offerings are exclusively intended for business customers in accordance with §14 BGB. All prices are to be understood as net prices, plus applicable VAT at the time of billing.
Bare.ID is a product and registered trademark of Bare.ID GmbH - an AOE Group company © 2023 - All rights reserved.