If you don’t see the harm in letting your employees share passwords, you’re hardly alone. In fact, recent research has demonstrated that 52% of employees in the US and UK do not identify any security risk inherent in sharing passwords and logins.
Unfortunately, sharing passwords can lead to serious issues. Here are just a few reasons why it’s a practice you should put a stop to within your own business.
Lack of Accountability
If your employees feel free to share their passwords with other team members, you’re going to be faced with an overall lack of accountability. If someone accesses their files or email and behaves inappropriately, you’ll have no way of knowing who was actually behind that action. This can become incredibly problematic if a user ever transfers sensitive information or contacts a client or customer in an unsavoury manner. Having passwords restricted to one employee makes it riskier for any one person to behave in this way.
Opportunity for Unauthorised Access
One thing you’ll have to worry about when passwords are shared is having people access files and accounts that are not theirs when they are still part of your company. However, this issue isn’t going to go away simply because someone leaves your employment. If the password of a current employee was shared with someone who has left, access will be available to people outside your business. They may harbour ill-will against you, or they may leave to work for a competitor; in any case, you really don’t want them able to continue accessing your data.
Encourages Password Reuse
You’ve probably heard on more than one occasion that you should change your password every few months and resist the temptation to use the same password across different accounts and applications. Unfortunately, allowing your employees to share their passwords increases the risk of passwords being reused. If an employee is going to share their password, they’ll probably just use the same one for emails, social networking, desktop authentication, and so on; after all, it’s easier to share just one password. This goes against all best practices and severely compromises the security of your network.