Resources
identify
A password vault provides false security when not in use
The purchase of a password manager is often seen as the remedy against insecure passwords. Unfortunately, in practice, it appears that most employees don't use a password manager at all! We researched this and came up with a solution.
Merijn de Jonge
Founder & CEO
Resources
identify
A password vault provides false security when not in use
The purchase of a password manager is often seen as the remedy against insecure passwords. Unfortunately, in practice, it appears that most employees don't use a password manager at all! We researched this and came up with a solution.
Merijn de Jonge
Founder & CEO

Start making vulnerable passwords impossible today

Thank you for your request! We will contact you within 1 business day.
Please fill in all fields before submitting the form

Companies and organizations are becoming increasingly aware of the need to protect their data. That is why numerous technical measures are being taken that can prevent external attacks. The effectiveness of such measures is usually high.

Although technical measures are essential, the human factor always appears to be the weak link in security. That is why a lot of time and attention is spent on raising awareness of cyber risks and learning safer behavior.

Unsafe password use is number one for unsafe behavior! It's safe to say that almost every cyber incident involves a password incident. Good password management is not human work (see How long does it take for your password to be hacked).

Good password management is only possible with the right tools. A password manager is then usually the tool that organizations offer to their employees. In practice, however, it appears that most employees after they have received a password manager from their organization don't use at all!

Behavior is difficult to control people

In 2019, Carnegie Melon University investigated the use and adoption of password managers. This shows that people are difficult to persuade them to change their existing behavior. They come up with bad paths by putting easy/weak passwords in the password manager, or they simply ignore the password manager completely and stick to their existing behavior.

A more recent study by the University of Twente from 2022 shows the same thing: password managers are poorly used, even if people indicate in advance that they will do so.

This is also evident from our own observations!

Through the MindYourPass Password Scan MindYourPass measures online security at a large number of organizations, including password quality and the use of a password manager. Based on these measurements, it appears that within organizations that make a password manager available to their employees, only 3-4% (!) of the employees is actually being used. Even after regular insistence from the top of the company and the IT department or following awareness training courses, that percentage hardly increases.

No alt text provided for this image
Example use of different types of passwords on business computers

We notice that people have learned many different ways to deal with passwords. People find it difficult to unlearn such existing patterns and switch to a standardized way of working with a password manager. Moreover, people are busy and it is not experienced as sufficiently urgent. It often takes a while to try it out and people don't get used to using a password manager every day.

False safety

In practice, purchasing a traditional password manager is therefore often a waste of money and does not significantly improve security. The safety risk thus remains. This can even lead to false security because the organization believes it has taken an effective measure by purchasing a traditional password manager while it is not being used in practice. Quite a bit of time then passes before an organization comes to this insight and is ready for a different, more effective approach and has implemented it. The risks of poor password use remain unabated all this time.

Can it be done differently?

Improving password hygiene in an organization is a major change. Such a process does not end with the purchase of a product but actually starts there. This is often forgotten or underestimated and is a major cause of failed password policies despite purchasing a password manager.

MindYourPass does things differently! MindYourPass's integrated approach looks at the entire change process. During this process, not only will our unique password solution be rolled out in the organization, but the organization will also be guided in learning how to work with good passwords and how to use the product. With the MindYourPass password scan the process is continuously monitored so that the improvements can be measured and so that they can be reported on. An important part of the approach is that during this process, the organization switches to enforcing secure passwords. This way, we say goodbye to the obligation to use good passwords in a controlled manner and the organization is guaranteed to be more secure.

No alt text provided for this image

With this SMART method, the desired password policy is therefore not only measurable and visible, but is also mandatory and enforced throughout the organization. As a result, achieved results (and thus the return on investment) become visible and an organization's online safety finally becomes manageable.

Heading 1

Heading 2

Heading 3

Heading 4

Heading 5
Heading 6

Lorem ipsum by sit amet, consectetur adipiscing elit, sed do eusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Dis aute irure door in reprehenderit in voluptate velit se cillum dolore eu fugiat nulla pariatur.

This is a long block quote

Ordered list

  1. Item 1
  2. Item 2
  3. Item 3

Unordered list

  • Item A
  • Item B
  • Item C

Text link

Bold text

Emphasis

Superscript

Subscript

Get in touch with us.

Let MindYourPass make your organization safe.

Thank you for your request! We will contact you within 1 business day.
Please fill in all fields before submitting the form
Want to read more?
See other articles
More articles

Triple-i™ improvement method

Wachtwoordveiligheid meten om doelgericht te verbeteren

Elke verandering begint met het verkrijgen van volledig inzicht in de huidige situatie. Om vanuit daar met behulp van een concreet en praktisch plan toe te werken naar de gewenste situatie: het gebruik van kwetsbare wachtwoorden binnen jouw organisatie onmogelijk maken.

Learn more about Triple-i™

Learn more about cybersecurity

See all articles
Resources
Privacy-by-design in the spotlight
Nieuws
MindYourPass Municipalities Benchmark 2024: How secure are the passwords?
Resources
Why the effect of a password manager is almost always disappointing
Resources
Rick's review of his first year at MindYourPass