SHARE
Facebook X Pinterest WhatsApp

Forgotten Passwords Cost Companies $200,000 a Year

A recent survey of 2,000 people in the U.S. and the U.K. has found that companies lose over $420 in productivity per employee per year due to workers struggling with passwords — for a 500-person company, that’s a loss of more than $200,000 per year. The survey, conducted by Widmeyer and sponsored by Centrify, also […]

Written By
thumbnail Jeff Goldman
Jeff Goldman
Oct 17, 2014
eSecurity Planet content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More

A recent survey of 2,000 people in the U.S. and the U.K. has found that companies lose over $420 in productivity per employee per year due to workers struggling with passwords — for a 500-person company, that’s a loss of more than $200,000 per year.

The survey, conducted by Widmeyer and sponsored by Centrify, also found that 49 percent of respondents use their personal mobile devices for business purposes, and more than a third admit they don’t use passwords on those devices even though they keep office email, confidential documents, customer contact information and budget data on them.

“I think most would agree that passwords are broken, but it’s shocking when you quantify the magnitude of what passwords are costing organizations from both an efficiency and effectivity standpoint,” Centrify CEO Tom Kemp said in a statement.

Over a quarter of respondents said they enter a password online more than 10 times a day, and over a third said they’ve been locked out of online accounts because they couldn’t remember their password.

The survey also found that consumers generally underestimate the number of account profiles they have. While almost two thirds of respondents believe they have 10 or fewer online profiles, more than a third of respondents create one new account profile per week.

That’s true even though 81 percent of respondents say they’re concerned about having their identity stolen, 80 percent are concerned about having their credit card information stolen online, and 74 percent say they’re concerned about being a victim of cybercrime.

And respondents’ password practices are far from ideal — one quarter of respondents said they always use the same password whenever possible, one quarter rotate through a variety of similar passwords, and just under a quarter use personal information in their passwords.

Only 15 percent of respondents in the U.K. and 12 percent in the U.S. believe their passwords are “very secure.”

“This underscores the demand for a better approach, whether that’s unified identity management with benefits like single sign-on and multi-factor identification for corporations, or new types of encryption systems for public websites,” Centrify’s Kemp said.

“Bottom line, it’s time to kill passwords,” he added.

Soon after the study results were published, unidentified hackers claimed to have compiled a list of almost 7 million stolen Dropbox login credentials. Dropbox stated in response that any stolen credentials were the result of password reuse.

And last month, a hacker published almost 5 million Gmail addresses and matching passwords, which Google also claimed were accessed as a result of password reuse, not through a breach of Google’s systems.

“Often, these credentials are obtained through a combination of other sources,” Google stated at the time. “For instance, if you reuse the same username and password across websites, and one of those websites gets hacked, your credentials could be used to log into the others.”

Recent eSecurity Planet articles have offered advice on how to enforce password complexity without alienating users, and examined a variety of different tools for enforcing password policies.

thumbnail Jeff Goldman

eSecurity Planet contributor Jeff Goldman has been a technology journalist for more than 20 years and an eSecurity Planet writer since 2009. He's also written extensively about wireless and broadband infrastructure and semiconductor engineering. He started his career at MTV, but soon decided that technology writing was a more promising path.

Recommended for you...

6 Open-Source Vulnerability Scanners That Actually Work
Chad Kime
Sep 5, 2025
Surfshark vs NordVPN (2025): Which VPN Wins? Full Breakdown
Matt Gonzales
Aug 14, 2025
The 5 Best VPNs for Small Businesses on a Budget
Matt Gonzales
Jul 16, 2025
Penetration Testing Phases: Steps, Tools & Methodology
Ray Fernandez
Jun 10, 2025
eSecurity Planet Logo

eSecurity Planet is a leading resource for IT professionals at large enterprises who are actively researching cybersecurity vendors and latest trends. eSecurity Planet focuses on providing instruction for how to approach common security challenges, as well as informational deep-dives about advanced cybersecurity topics.

Property of TechnologyAdvice. © 2025 TechnologyAdvice. All Rights Reserved

Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.