The easiest way for a threat actor to break into an organisation is to simply walk in through the front door. For most, that front door is locked with a password.
Password theft gives threat actors easy access to an organisation's corporate crown jewels – personal information, intellectual property, financial systems and other valuable assets.
It’s little wonder that of the successful cyber-attacks that are executed, the Australian Cyber Security Centre reveals that there is a successful attack every seven minutes in Australia, almost two thirds occur as the result of credential theft.
Lloyd Evans, head of identity for Japan and the Asia Pacific region at LastPass said there are about 300 billion passwords in use today and this is causing challenges.
“The main issue really is dealing with the cognitive load of managing those digital identities at work and personally. To manage that load, people reuse passwords or use weak passwords to manage those digital identities," he said.
While there are legislative efforts being made by governments right across the region to boost cybersecurity awareness, the challenge of password security needs to also be addressed for users. And that means empowering them through the use of tools that help them, so they can use stronger passwords that are unique for each service being accessed.
Password managers, such as LastPass, give users tools to manage the dozens, if not hundreds, of passwords they use at work and in their personal lives.
“We know that there's a flow on effect from personal habits into corporate. If we can reduce personal impact, we can reduce corporate impact,” said Evans.
“A password manager can automatically generate long and complex passwords and then enter them for a user, when needed, without manual intervention.”
Another benefit of this approach is that, as passwords are automatically generated, the user doesn’t even have to know their password. This can also reduce the risk of password sharing.
With over 300 billion passwords in use today, the move to passwordless platforms will not happen over night. That means organisations need to have a robust, reliable and secure solution for password management.