Report finds 68% of IT managers say employee motivation is the biggest challenge in remediating at-risk credentials
Bitwarden, the trusted leader in password, passkey, and secrets management, announced the results of the Bitwarden Business Insights Report. The survey of over 100 IT leaders reveals significant gaps in credential security, with nearly half of organizations (48%) reporting ineffective password health monitoring and employees taking an average of nine days to update weak or compromised credentials.
Credential security remains a priority, yet 68% of IT leaders struggle to enforce it
IT admins recognize credential security as a priority, with 67% citing credential access management as being very important. However, organizations still face hurdles in enforcing password management, with 68% of respondents identifying employee motivation as a major implementation challenge.
A lack of visibility and user awareness further complicates password security. 44% of IT admins say employees struggle with knowing how to change their passwords, while 36% cite difficulty tracking employee progress toward more secure practices.
Read More on CIO Influence: The Road to AI-Native Wireless: Why Traditional RAN Must Evolve
Password risks persist as 60% of IT leaders report ineffective at-risk credential update strategies
Weak passwords remain a top attack vector, yet organizations struggle to proactively monitor and enforce security policies. The report also reveals:
- Proactive measures: 53% of IT managers want to take a proactive approach to credential security, but only 33% reveal that they are currently able to do so.
- Strategic effectiveness: Approximately 60% of IT managers report their strategies for quickly updating at-risk credentials to be only somewhat effective or completely ineffective.
- Limited resources: 66% of organizations that do not alert employees to update at-risk credentials say they lack the tools or resources to do so effectively.
51% of IT leaders say employees don’t take security seriously
90% of IT admins rely on employees to update their own credentials, most often through email notifications (42%) or direct conversations (36%). However, more than half of IT leaders (51%) say employees do not take security measures seriously, leading to delayed remediation and increased risk.
IT leaders identified key strategies for improving password security:
- Prioritization of security actions: 51% of IT leaders believe that clearly prioritizing security actions significantly enhances security posture.
- Intuitive workflows: 46% suggest that simplified workflows for non-technical users would facilitate easier and timelier password updates.
- Regular training: 45% advocate for regular security training to instill robust password habits and awareness among employees.
Strengthening security with password health monitoring
Credential security is foundational to an effective identity and access management (IAM) strategy. To enhance security posture, organizations are encouraged to leverage tools that help IT teams detect weak, reused, or exposed credentials. Implementing strong password policies and streamlining credential updates reduces the enterprise attack surface and improves response times to emerging threats.
Catch more CIO Insights: What is Shadow IT and why does it matter for enterprise security?
[To share your insights with us, please write to psen@itechseries.com ]
