One in four people use work passwords for consumer websites

2021-02-26 05:00

The report found that one in four consumers admit to using their work email or passwords to log in to consumer websites and applications such as food delivery apps, online shopping sites and even dating apps.

The report found that consumers are neglecting to implement fundamental security safeguards across smart IoT devices at home, which could have serious security ramifications on both the individual and the enterprise amid increased and ongoing remote work spurred by the COVID-19 pandemic.

As consumers often recycle passwords, the report findings indicate enterprises are at risk every time credentials are stolen from breached consumer websites, making it paramount for organizations and consumers to ensure there is a separation between login information used for work and personal apps or websites.

The pandemic significantly expanded the enterprise attack surface when millions of people worldwide began working from home, and organizations struggled to maintain business continuity and provide secure access to company resources and tools.

The report surveyed 1,000 Americans working from home amid the pandemic on a company-provided computer to examine how consumer and enterprise cybersecurity habits have changed.

"The FBI issued a warning about an increase in credential stuffing attacks in September 2020 and yet consumers are still using work emails and passwords to log in to consumer apps and websites, putting the enterprise at significant risk of a credential stuffing attack," said Phil Richards, CSO at Ivanti.

News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/44wysYRJIRU/