Intelligent CISO Issue 62 | Page 27

editor’s question

WHY ARE PROFESSIONALS REMAINING OVERLY ATTACHED TO PASSWORD-BASED SECURITY DESPITE GROWING RISKS AND WIDESPREAD FRUSTRATION?

Beyond Identity, a leading provider of passwordless, phishing-resistant MFA, has released the findings of new industry research which found that most cloud professionals remain overly attached to the use of passwords despite their inherent security vulnerabilities, value as a target for threat actors and widespread frustrations around password hygiene requirements.

The survey of more than 150 cloud industry professionals was conducted at the recent Cloud Expo Europe event and revealed that over four-fifths (83%) of cloud professionals are confident about passwords’ security effectiveness, with over a third (34%) saying they are very confident. This is despite the fact that insecure password practices are regularly exploited in cyberattacks worldwide, with 80% of all breaches using compromised identities.
Asked about their experiences of using passwords, respondents reported a range of frustrations with the hygiene requirements of password-based systems. Over half of respondents (60%) find it frustrating to remember multiple passwords, 52% are frustrated by having to regularly change their passwords, while another 52% are frustrated by the requirement to choose long passwords containing numbers and symbols.
The number of passwords used daily by cloud professionals further underlines these challenges: a quarter of respondents (26%) use four-to-five passwords, with 10% using 10 or more passwords on a daily basis. Adding to the difficulties password users face, many organisations require frequent password changes, with 38% suggesting quarterly updates, 27% monthly changes and 6% recommending daily or weekly changes. This can be an arduous task, while amounting to minimal security benefits.
The survey also confirms the value of passwords as a target for threat actors, with phishing attacks remaining prevalent. When asked if they’ve ever received a phishing email which they’ve flagged to their security team, over a third of cloud professionals claimed they’d flagged one-to-three, 18% flagged four-to-six and nearly a quarter (23%) flagged seven or more. More worryingly, 11% have received but not flagged a phishing email and one-fifth (20%) of respondents simply aren’t sure if they’ve ever accidentally clicked on a phishing link. Nearly one-fifth (19%) said colleagues have clicked on a phishing email and over a quarter admit to doing it themselves – 11% say they’ve done it more than once and 5% said they do it regularly.
“Widespread user frustration represents a dangerous situation for organisations using password-based systems to protect their data in the face of continued phishing attacks,” said Patrick McBride, Co-founder of Beyond Identity. “This survey shows an alarming displaced confidence from cloud professionals – the bottom line is you can’t have effective security and advance to meet the promise of Zero Trust security if you are still using passwords.”