Businesses vulnerable with ‘antiquated’ logins


Most firms still use standard username and password logins, placing them at risk of attack from crafty hackers, a report has warned.

Furthermore, these "antiquated" authentication methods make matters complex for workers, requiring them to remember various passwords, the Symantec-sponsored Forrester research showed.

Almost 90 per cent of users are required by their employer to remember two or more passwords, the survey of hundreds of global businesses revealed.

Even when it comes to partner access, 67 per cent of companies were found to not use two-factor authentication to protect their corporate networks.

Over half of companies polled admitted to having suffered one data breach in the past year, yet many businesses still rely on old authentication.

"The IT landscape is changing so dramatically and so rapidly that one in four organisations are requiring users to remember six or more passwords to access corporate networks and applications and as this Forrester study shows, that approach to authentication is collapsing under its own weight," said Atri Chatterjee, vice president of User Authentication at Symantec.

"As enterprises continue to open up, strong authentication can help keep the bad guys out."

A number of recent cases have highlighted the dangers of solely relying on username and login authentication.

Gawker Media admitted last month that passwords were stolen in a hack on its user databases. It subsequently recommended users change their passwords for any Gawker websites.

Tom Brewster

Tom Brewster is currently an associate editor at Forbes and an award-winning journalist who covers cyber security, surveillance, and privacy. Starting his career at ITPro as a staff writer and working up to a senior staff writer role, Tom has been covering the tech industry for more than ten years and is considered one of the leading journalists in his specialism.

He is a proud alum of the University of Sheffield where he secured an undergraduate degree in English Literature before undertaking a certification from General Assembly in web development.