IT Admins Just As Bad, If Not Worse, Than Employees At Changing Passwords

IT administrators are being urged to practice what they preach and update corporate passwords as frequently as they recommend employees do.

A study by cyber security firm Lieberman Software discovered that more than half (55 percent) of IT professionals make their users change their passwords more regularly than they change administrative credentials.

Lieberman’s survey, conducted at last month’s RSA security conference, found that a worrying 10 percent of admins reported never having changed administrative credentials at all, and 74 percent only changed passwords on a monthly basis, and sometimes even less than this.

Unlocked

The study also revealed that nearly a third (36 percent) publicly shared passwords amongst other member if the IT staff.

Worryingly, a further 15 percent believed that they would be able to gain remote access to corporate networks using their admin credentials if they were to leave the company.

“Administrative passwords are the most powerful credentials in an organisation – the keys to the IT kingdom,” said Philip Lieberman, President and CEO of Lieberman Software.

“The fact that 10 percent of IT professionals admitted that they never change these credentials is astounding. It’s almost like an open invitation to hackers to come in and stay a while.  In the meantime, the intruders are nosing their way around the network. They can anonymously help themselves to information and remain undetected until it’s too late.”

Sadly, this isn’t the first password vulnerability story to hit the IT industry in recent months, as users somehow still remain immune to persuasion.

A survey carried out by LastPass last month found that more than half of Brits share passwords that could put their financial information at risk despite three quarters acknowledging such practices are dangerous.

This included a whopping 96 percent of respondents who said that they have shared up to six passwords with others, with 72 percent sharing such credentials verbally.

Another recent study from Kaspersky also found that nearly half of Internet users admitted to having shared their passwords with somebody or leaving them visible for people to see, opening them up to serious risk of compromise or attack.

Take our Internet security quiz!

Mike Moore

Michael Moore joined TechWeek Europe in January 2014 as a trainee before graduating to Reporter later that year. He covers a wide range of topics, including but not limited to mobile devices, wearable tech, the Internet of Things, and financial technology.

Recent Posts

OpenAI In Talks With California Over For-Profit Shift

OpenAI reportedly begins early talks with California attorney general over complex transition from nonprofit to…

5 hours ago

EU To Assess Apple’s iPad Compliance Plans

European Commission says it will review Apple's iPad compliance with DMA rules as it seeks…

6 hours ago

James Dyson Says ‘Spiteful’ Budget Will Kill Start-Ups

James Dyson delivers most high-profile criticism so far of Labour's first Budget that raises £40bn…

6 hours ago

Nvidia, Meta Ask Supreme Court To Axe Investor Lawsuits

Nvidia, Meta bring cases before US Supreme Court this month seeking tighter limits on investors'…

7 hours ago

Nvidia To Replace Intel On Dow Jones Industrial Average

Nvidia to replace Intel this week on Dow Jones Industrial Average after years of turmoil…

7 hours ago

Toyota-Backed Joby Flies ‘Air Taxi’ In Japan

Joby Aviation and Toyota Motor complete demonstration flight in Shizuoka as companies prepare to bring…

8 hours ago