Password fatigue is a phenomenon that can lead to some pretty costly decisions. We’re about to get into the particulars of what it is, why it matters, and how to avoid it.
Before we do, however, it’s important to understand how big of a problem it is. About two-thirds of the population admits to using the same password for work and personal accounts. Here’s why that’s a bad idea.
If a hacker were to access your work password, they could easily turn your personal life upside down (and empty your bank account). Scared yet? You probably should be.
Common Password Behaviors That Make Hacking Easy
One password fatigue statistic should make you think twice about your security: four out of every five hacking attacks are linked to stolen passwords (see link above). Here are the ways you’re making it easy for the bad guys.
Reusing passwords could mean using a single password for every account (a really bad idea). Or, it could mean having a handful of passwords that you divide up among your banking, work, streaming, email, and social media accounts (an equally bad idea).
Having a few passwords in circulation is no better than a single password for every account. All it takes is one being compromised for your online life to unravel.
Not Having Complex Passwords
Having complex passwords is critical for your password security, and to make it easier you can generate them automatically with a complex password generator.
Making Passwords Too Easy to Figure Out
Password-hacking programs have become quite sophisticated in their attempts at guessing your password. You don’t realize the many digital footprints you leave online.
But malicious software programs do, and they’re phenomenal at crunching the possibilities. Passwords you think are secure can be guessed in a matter of minutes through the use of artificial intelligence.
Sharing Secure Passwords With Friends
It doesn’t matter if you trust the person with whom you’re sharing. Nothing has to be malicious.
The more people who know your password, the more vulnerable you become. Think about that the next time you share a PIN or password.
Staying Logged In
Logging into your accounts usually comes with the option of staying logged in. This reduces the time it takes for you to get started each workday, but it also makes it easy for someone to sneak onto a computer you were using and have access to all your accounts.
Now that you know how you’re leaving yourself vulnerable, it’s time to consider the outcomes of password fatigue. These are the repercussions and how to avoid them.
1. Password Fatigue Is Costing You Money
One of the surprising ways password fatigue is making a negative impact is through the time it takes to log in. Employees either spend too much time logging in each year, time that could be better spent elsewhere, or they use shortcuts.
Shortcuts like staying logged in or choosing creampuff passwords (see the common mistakes listed above). Either way, it’s resulting in more than one way for your organization to lose money.
2. Jeopardizing Confidential Information
Another thing about password security is that it’s not just the password-holder who gets affected. One breached password can lead to hackers stealing reams of information about clients, customers, and other vendors.
Now imagine you’re one of those compromised, all because the company you did business with was careless with your data. It would make you think twice about working with them again, wouldn’t it?
3. Enabling Hacks
As already discussed, compromised passwords, or credential jacking, are one of the leading ways that hackers gain access. But it’s what they do afterwards that really makes it a costly mistake.
Hackers try to hijack credentials for even more nefarious purposes. They do it to install malicious programs to clean out bank accounts, exploit user data, or prevent your ability to do business.
Time is money, and every minute you spend fighting a cyberattack is money wasted. That’s a steep price to pay simply because your employees are tired of dealing with passwords.
4. Stressing Employees
Think about how many online accounts you have that require password protection. We’re willing to bet you or your employees have more than one of the following:
- Social media: Facebook, Twitter, TikTok, Instagram, Pinterest, LinkedIn, YouTube
- Work accounts: virtual desktop, software applications, online training portals
- Email: often more than one account
- Streaming: Netflix, Hulu, YouTube, HBOMax, Disney+, ESPN, to name a few
- Consumer software programs: whatever your area of interest is, there’s probably a piece of software for it
- Music: AppleMusic, Pandora, Spotify
- Online banking
- Online bills
It’s easy to see where password stress comes from! It’s also understandable why so many people reuse passwords even when they know the risks of doing so.
5. Creating PR Nightmares
Cyberattacks have effects that can go well beyond the initial hours or days that it takes to get them solved. As customers, clients, or vendors start to realize they’ve been affected, that can damage your reputation for months or even years to follow.
Bad public relations has a cost. Many times, that cost can be far greater than whatever financial damages occurred while the attack was underway.
6. Highlighting Other Vulnerabilities
One of the scariest things about these password mistakes is that they can create other vulnerabilities by way of technology, trade secrets, or both.
Companies that are so inept at managing their password safety likely have other weaknesses waiting to be exploited. Password fatigue gives hackers the opportunities they need to do just that!
What to Do About It
Fortunately, there are many things you can do to improve the quality of your passwords. Here are some quick suggestions.
- Make passwords between eight and 16 characters
- Use a combination of upper- and lowercase letters
- Use at least one number
- Use special characters (like @, _, and #)
- Invest in an effective password manager to encrypt your password data
- Enable two-factor authentication
- Make sure each account uses a unique password
- Get more advanced with authentication, using biometrics, photos, fingerprints, and more
Incorporating all seven of these steps will make it more difficult for hackers to have their way. That will send them looking for easier targets.
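The generation, rule-checking, and uniqueness steps from the list above, as an added Python example (not from the original article or from any product it mentions). The function names and the sample vault are assumptions constructed for illustration.

```python
import secrets
import string
from collections import defaultdict

MIN_LEN, MAX_LEN = 8, 16   # length range from the list above
SPECIALS = "@_#"           # the special characters the list names

def generate_password(length=MAX_LEN):
    """Random password with at least one character from each required class."""
    if not MIN_LEN <= length <= MAX_LEN:
        raise ValueError(f"length must be between {MIN_LEN} and {MAX_LEN}")
    classes = [string.ascii_lowercase, string.ascii_uppercase, string.digits, SPECIALS]
    # One guaranteed pick per class, the rest from the combined pool.
    chars = [secrets.choice(c) for c in classes]
    pool = "".join(classes)
    chars += [secrets.choice(pool) for _ in range(length - len(chars))]
    # Shuffle with the OS CSPRNG so the guaranteed picks are not always first.
    secrets.SystemRandom().shuffle(chars)
    return "".join(chars)

def rule_failures(password):
    """Return the rules from the list that a password does not meet."""
    checks = [
        ("length 8-16", MIN_LEN <= len(password) <= MAX_LEN),
        ("lowercase letter", any(c.islower() for c in password)),
        ("uppercase letter", any(c.isupper() for c in password)),
        ("number", any(c.isdigit() for c in password)),
        ("special character", any(not c.isalnum() for c in password)),
    ]
    return [name for name, ok in checks if not ok]

def find_reuse(vault):
    """Group account names that share one password (vault: account -> password)."""
    groups = defaultdict(list)
    for account, password in vault.items():
        groups[password].append(account)
    return sorted(sorted(names) for names in groups.values() if len(names) > 1)

# Constructed sample vault, not real credentials.
SAMPLE_VAULT = {
    "email": "Summer2023#",
    "bank": "Summer2023#",
    "streaming": "password",
    "work": generate_password(),
}

if __name__ == "__main__":
    for account, password in SAMPLE_VAULT.items():
        print(account, rule_failures(password) or "meets the rules")
    print("reused:", find_reuse(SAMPLE_VAULT))
```

Note that "Summer2023#" passes every character rule and is still flagged, because it is shared between two accounts.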
Take Fatigue Seriously When It Comes to Passwords
Password fatigue is a real problem for most organizations, and it’s one that you should take seriously. Incorporating many of the suggestions above is a start, but you should always be looking for tools that go further in preventing password-based hacks.
LogMeOnce Password Manager is just such a tool, incorporating everything from FaceID to automatic 2FA. It creates unique and complex passwords, detects duplicate and same passwords, fights password fatigue, helps with poor password hygiene by storing passwords and user accounts, and more.
This reduces the burden on your employees, without making you more vulnerable. Contact us today to learn more.