Home > Cyber News > Nearly Half of US Employees Continue to Keep Their Passwords on Sticky Notes

Nearly Half of US Employees Continue to Keep Their Passwords on Sticky Notes

What is the safest way to keep your passwords?

Perhaps using a password manager is considered one of the better ways to manage your passwords, especially in a working environment. Unfortunately, despite the available technologies, new Keeper Security study shows that more than 50% of American employees use sticky notes to remember their passwords. Needless to say, this sticky note habit creates various security risks.

So, what else do the results say?
The habit of keeping passwords on sticky notes or notebooks continues to be trendy in the remote work era. 66% of employees say that they are more likely to write down work-related passwords while working from home. 62% of asked employees shared that they use a notebook to keep their credentials. Most of these people also keep their notebooks close to their work devices, which creates a security risk. 51% of the participants in the study said that they keep their passwords in a document on their computer’s desktop.

Another troublesome trend is that 62% have shared a work-related password over text message or an email, making it possible for threat actors to intercept the communication and harvest the passwords. Surprisingly, 46% said that their employers encouraged them to share passwords for accounts used by more people.

To sum it up:

  • 57% save passwords on sticky notes
  • 49% save passwords in unprotected, plain-text documents
  • 62% share passwords by text message and email

More details are available in the original report.

The so-called PyXie malware is an example of a remote access trojan used against several industries to steal passwords and other sensitive details. The malware has been deployed in conjunction with Cobalt Strike and a downloader similar to Shifu.

The capabilities of PyXie RAT include man-in-the-middle interception, web injections, keylogging functionalities, credential harvesting, network scanning, cookie theft, clearing logs, recording video, running arbitrary payloads, monitoring USB drives and exfiltrating data, among others.

Milena Dimitrova

An inspired writer and content manager who has been with SensorsTechForum since the project started. A professional with 10+ years of experience in creating engaging content. Focused on user privacy and malware development, she strongly believes in a world where cybersecurity plays a central role. If common sense makes no sense, she will be there to take notes. Those notes may later turn into articles! Follow Milena @Milenyim

More Posts

Follow Me:

Leave a Comment

Your email address will not be published. Required fields are marked *

This website uses cookies to improve user experience. By using our website you consent to all cookies in accordance with our Privacy Policy.
I Agree