New research shows passwords are failing IT security

IT professionals don't believe in passwords or have faith in the cyber-security of their organisations, new research has found.

New research from Lieberman Software conducted at the 2016 RSA conference revealed that 77 percent of IT pros feel that passwords are failing IT security. The opinions collected for the study came from nearly 200 cyber-security pros.

More than half (53 percent) of respondents thought that modern hacking tools could easily break passwords within their organisations. Slightly less than half (45 percent) feel that they aren't prepared to defend against a cyber-attack even though their organisation has deployed IT security technology.

Fifty five percent make users change their passwords more often than they change administrative credentials. Ten percent admit that they never change admin credentials. Meanwhile, only 15 percent change their admin credentials once a year. Over a third (36 percent) work in companies where IT staff share the same passwords.

Philip Lieberman, president and CEO of Lieberman Software said, “If the vast majority of respondents think passwords are failing, then it's time to rethink how we're using them. Attackers use automated methods to brute force credentials and gain privileged access to enterprise networks – often in a matter of minutes. To counter this threat, organisations should take the same automated approach and apply it to their privileged credentials. Changing credentials continuously in a non-disruptive way would go a long way toward keeping the bad guys from gaining unrestricted access on the network.”