How much are weak passwords costing your organization?
Bad passwords can be a direct and indirect financial drain on any organization. They’re often the weakest link in a security chain, allowing hackers easy access to sensitive systems and data. Cyber-attacks and breaches are the obvious risks, but there are other hidden costs associated with inadequate password policies. Managing password-related issues consumes valuable IT resources, diverting attention from strategic initiatives to routine password resets and account lockouts.
We’ll run through a few ways passwords might be costing your organization and look at how some simple changes can lead to both significant long-term savings and enhanced security.
Compromised passwords open you up to cybercrime
Weak and compromised passwords are the easiest way for hackers to gain unauthorized access to an organization. Whether it’s through cracking a weak password or simply logging in with a known compromised password, this is the initial access hackers need to launch further attacks. From there they can escalate their privileges and access, install ransomware or other malicious software, and cause data breaches.
Password reuse specifically causes significant security risks and potential costs for organizations by amplifying the impact of a single compromised password. Even if your organization enforces the creation of strong passwords, there’s nothing stopping an end user reusing that password on personal devices, websites, or applications with weak security. If compromised, a password can be sold on an underground marketplace and matched to an individual and their place of work.
Costs can rack up from a few different avenues after a password-related breach. A combination of the below can be an eye-watering price to pay for an end user recycling a weak or compromised password:
- Regulatory fines and legal costs
- Customer churn
- Increased insurance premiums
- Disruption to normal operations and productivity losses
- Harder-to-evaluate costs such as reputational damage and loss of customer trust
- Data recovery costs in ransomware cases
Continuously scan your Active Directory for breached passwords
To mitigate the risks outlined above, organizations are encouraged to enforce policies that prohibit password reuse and to educate employees about the importance of using unique passwords for different systems. Specops Password Policy can help ensure that users create strong and complex passwords that are difficult to guess or crack. However, strong passwords can still become compromised, and you need a way to find out whether your end users are using breached passwords.
Specops Password Policy also comes with a Breached Password Protection feature that continuously scans your Active Directory for compromised passwords. Our database of over four billion known breached passwords includes passwords from our real-time attack monitoring system that monitors live brute force attacks, plus malware-stolen data from our human-led Threat Intelligence team. If an end user is found to be using a compromised password, they’re notified and prompted to change.
Password resets and lockouts drain IT resources
Password resets can significantly impact an organization both in terms of time and money. Managing password-related issues, such as resets and account lockouts, often requires substantial IT helpdesk resources. Forrester research has found that a large percentage of help desk calls are related to password problems, with each password reset costing around $70 on average. This not only represents a direct financial cost but also diverts IT staff from focusing on more strategic tasks, potentially slowing down other important IT functions.
Frequent password resets and account lockouts are common disruptors of workflow. Employees spend considerable time dealing with password issues, from the initial realization and decision to reset to the actual process of changing the password, which might involve multiple steps and interactions with IT support.
Save money with self-service password resets
Organizations can save money on password resets by implementing self-service password reset solutions. Recent Specops research has shown that organizations saved an average of $65,000 in 2023 by allowing users to reset their passwords independently with Specops uReset, instead of involving the IT helpdesk. This approach not only reduces the workload on IT staff, allowing them to focus on more critical tasks, but also decreases the downtime employees experience due to forgotten or expired passwords.
Adopting a self-service password reset system can significantly reduce the number of helpdesk calls related to password issues, which typically account for a large portion of IT support activities. By empowering users to manage their password resets securely, organizations can cut down on operational costs associated with manual password resets – this shift not only streamlines the process but also enhances overall security and user satisfaction. Book a free trial or demo of Specops uReset here.
Bad password policies lead to reduced productivity
Bad passwords and inadequate password policies can have knock-on impacts for end-user productivity. It’s been estimated that employees can spend an average of 11 hours per year just on password resets. This includes the time taken to contact help desks, the wait for issue resolution, and the actual task of resetting passwords. Resolving these issues can take anywhere from a few minutes to much longer, depending on the complexity of the organization’s systems.
Employees often spend considerable time dealing with password issues, which could otherwise be spent on more productive tasks. This downtime can accumulate to represent significant financial losses, especially in larger organizations with thousands of employees. The cumulative effect of these factors underscores how critical efficient password management is to minimizing unnecessary expenditures and optimizing operational efficiency.
Better end user experience = better productivity
Encouraging the use of passphrases is a good way to give end users strong passwords while reducing the frequency of password-related disruptions. Organizations can use this best practice guide to encourage strong passphrases instead of weak, easily guessable passwords. Passphrases are easier for end users to remember, so they’ll spend less time forgetting and resetting passwords. Specops Password Policy employs dynamic feedback at the password reset screen (shown below), which helps end users to understand your policy and guides them towards creating strong passwords.
Interested to learn how Specops Password Policy could fit in with your organization and save on password-related costs? Speak to an expert today.
(Last updated on August 1, 2024)