“It is a very scary truth that everyone, especially those running businesses, should aware of. Our passwords are not safe which is concerning as they are literally the key to some of the most important information that businesses hold,” said Joseph Carson, CISSP, CSPO, CSP, Thycotic. “Privileged account passwords especially are prime targets for hackers for good reasons. One privileged account password breach can allow a hacker to access and steal the credentials and passwords belonging to every employee in a company.”
As an example of the type of opportunities for passwords being compromised, the report shows that companies on the Fortune 500 list in 2015, employed a combined 27 million people – a number which has since grown. Thycotic experts estimate that these employees in 2020 will have an average of 90 accounts (combination of business and personal) requiring login IDs and passwords. That would put the total number of passwords belonging to Fortune 500 employees at 5.4 billion in 2020. While employees have their own login credentials — there’s a proportionately small number of privileged users (typically IT and system administrators) who each have access to hundreds, and sometimes thousands, of login IDs and passwords.
“As the total universe of passwords will likely grow to 300 billion by 2020, organizations across the world face an enormously growing cyber security risk from hacked or compromised user and privileged accounts,” said Steve Morgan, editor-in-chief, Cybersecurity Ventures. “We felt it was extremely important to team up with an industry leader, such as Thycotic, to bring awareness to the tremendous vulnerability everyone is at risk for as the number of passwords continues to grow. This report will help to assist cyber defenders and educate the broader global community through a statistical analysis of the massive password expansion and associated challenges that lie ahead of us in the years to come.”
Approximately five percent of Fortune 500 employees are privileged users, putting the number of people with privileged account access at 1.35 million. These numbers provide a huge opportunity that hackers love to exploit and put businesses of all sizes at risk. To help solve the issue of passwords becoming more difficult to manage, Thycotic has introduced its Weak Password Finder which helps companies manage the vulnerability of passwords and determine which passwords are weak and needs attention. Download the free tool now.
To check the vulnerability of your own password, check out our free Password Checker Widget. To view a copy of the full State of Password Security report by Thycotic and Cybersecurity Ventures, which provides more stats on the future of password protection, visit here.