Poor password management puts companies at risk

The facts say something else

 Current password protection methods are insufficient

Users have too many passwords to remember

The number of business apps requiring passwords

No wonder companies are wasting time resetting user passwords

Password resets take up IT time

The solution: Reduce or eliminate passwords

Only 42% of companies use SSO or MFA to eliminate passwords

The risk is too high!

Group 27 Created with Sketch. feel their current password protection measures and guideless are adequate. 95% of IT decision makers report having company guidelines around password complexity. 98% Based on a survey of 300 IT professionals from companies across the United Kingdom UK companies have a misplaced faith in their password practices Poor password management puts UK companies at risk

The facts say something else

Group 28 Created with Sketch. Companies have enforced password complexity, but few are using NIST’s new best practices. 2% 18.7% 33.7% 22.4% 49% 53.4% 62.6% 74.1% MINIMUM LENGTH PASSWORD PROTECTION METHODS USED: MIX OF UPPER/LOWER CASE USE OF NUMBERS USE OF SPECIAL CHARACTERS CHECKING AGAINST COMMON PASSWORD LISTS CHECKING AGAINST RAINBOW TABLES CHECKING AGAINST PASSWORD COMPLEXITY ALGORITHM OTHER REQUIREMENTS check passwords against common password lists. 33.7% ONLY use password complexity algorithms. 22.4% ONLY

Users have too many
passwords to remember

Group 29 Created with Sketch. 25 AND UNDER APPS 26-100 APPS UP TO 200 APPS UP TO 300 APPS DON’T KNOW 31% 60% 4.7% 3.0% 1.3% NUMBER OF APPS REQUIRING INDIVIDUAL PASSWORDS of companies have 26 to 100 apps that require individual passwords. 60% have 11 to 25 apps requiring them. 20.7% of people have trouble remembering passwords. YE T 72%

No wonder companies are wasting
time resetting user passwords

Group 30 Created with Sketch. LESS THAN 10 HOURS 6-10 HOURS 11-20 HOURS OVER 20 HOURS DON’T KNOW 29% 5% 6.7% 12% 47.3% HOURS/WEEK SPENT ON PASSWORD RESETS 47.3% of companies don’t even know how much time they’re spending on password resets. WORSE, A SHOCKING SPENDING A MEAN OF A YEAR ON PASSWORD RESETS. 2.5 MONTHS

The solution:
Reduce or eliminate passwords

Group 33 Created with Sketch. YET ONLY 53% OF COMPANIES ARE USING SSO. Single sign-on (SSO) with SAML eliminates passwords… 53% 0% 22% 29% 34.7% 29.7% 22.7% 14.7% 29.7% 27% 32.3% 53% SINGLE SIGN-ON (SSO) INTEGRATION METHODS COMPANIES ARE USING FOR MANDATORY AUTHENTICATION REQUIREMENTS FOR INTERNAL APPS: SAML SUPPORT OAUTH SUPPORT (OPEN AUTHORIZATION) MULTI-FACTOR AUTHENTICATION (MFA) PASSWORD HASHING PASSWORD SALTING PASSWORD COMPLEXITY POLICIES PASSWORD ROTATION POLICIES CLOUD ACCESS SECURITY BROKER (CASB) INTEGRATION SECURITY INFORMATION AND EVENT MANAGER (SIEM) INTEGRATION OTHER OPTION BUT LESS THAN A THIRD, 29.7%, OF COMPANIES REQUIRE MFA. Multi-factor authentication (MFA) is the other critical tool in the fight against hackers. 29.7%

The risk is too high!

With 1,244 breaches in the US in 2018 alone, and 446 million records exposed. Companies can’t afford the risk of poor password practices.

About OneLogin, Inc.

OneLogin, the leader in Unified Access Management, connects people with technology through a simple and secure login, empowering organizations to access the world™. The OneLogin Unified Access Management (UAM) platform is the key to unlocking the apps, devices, and data that drive productivity and facilitate collaboration.

https://www.onelogin.com/company/contact