1 in 8 UK employees reuse personal passwords at work – putting businesses at risk

Almost three quarters of UK employees are not changing their work log-in and email passwords enough putting businesses at risk of cyber-attacks, new research by CSS Assure has revealed.

Of those, almost one third admitted to never changing their work passwords or only doing so when prompted, while 1 in 8 employees (12%) said they use the same passwords personally and professionally.

This World Password Day (5 May), CSS Assure has warned employers to protect their businesses against cyber-attacks due to the major financial, reputational and legal damage they can cause.

Those doing manual work (78%), as well as graduates (70%), directors and business owners (77%) are least likely to change their work passwords enough – highlighting the importance of education at all levels.

One in five directors and business owners (21%) admitted to reusing passwords across multiple accounts, while a quarter of senior managers (25%) said they write their passwords down in a notebook or on a mobile application.

Worryingly, despite infrequent password updates and reusing passwords across multiple sites, 74% of respondents claim to be cyber security aware.

Mike Wills, director of strategy and policy at cyber and data security firm CSS Assure.

Mike Wills, director of strategy and policy at cyber and data security firm CSS Assure, said: “Cyber criminality is here to stay and is an increasing plague on society – causing untold damage, while fuelling and funding international crime and global terrorism.

“No business is immune from cyber-attacks, and it is vital companies make themselves as hard to hack as possible. At a minimum, businesses should encourage and remind their employees to change their passwords at least once every three months as this will stop or prevent access to accounts if data has been breached.

“While this may seem like a faff, doing so is the single greatest defence a business can take towards protecting itself against a cyber attack. Currently, there are millions of emails and passwords for sale on the dark web for miniscule amounts, waiting for cyber criminals to purchase.

“Using the same password across multiple accounts or both personally and professionally is a major weak link in a company’s security system. If one site is breached and an employee’s credentials are exposed, their risk is amplified exponentially if they use that same password elsewhere.”

“Poor password management is a root cause for many data breaches. However, it’s important to remember that the habit can often be attributed to poor personal discipline, as opposed to malicious intent by your employees.

“Typically, people are unaware they are putting their company at risk, which can be shown by almost three quarters of those surveyed believing they are cyber security aware – even though they are making mistakes that can have dangerous consequences.

“Employers must create a hard to hack company culture that is trained on recognising threats and attacks. Begin by educating all levels of the workforce on why and how poor practices can lead to data breaches, as well as encourage them into good habits, including changing their passwords regularly – starting with today.”



Association for Consultancy and Engineering publishes plan for next government

The Association for Consultancy and Engineering, the voice for consultants in the built and environmental industries sectors, has published A Plan for the Next...

Wave strengthens team with two senior hires

National water retailer Wave, has appointed two new key hires, marking an important phase in its growth. As the business introduces its new Operations Directorate,...

£8 million clarification process and £4 million carbon addition upgrade completed at Derg Water Treatment Works

NI Water has announced the recent completion of 2 projects totalling approximately £12 million, which involved the construction of a new £8 million clarification...

Barhale to upgrade water delivery capacity for Corby

The upgrade of a key Anglian Water asset in Corby will pave the way for future residential development in the Northamptonshire town where the...