Password Problems Give Rise to Cyberattack Risk

Password faux pax leaves education businesses and organisations at risk of cyberattacks.


One Fifth of Organisations at Risk


1 in 5 education businesses and organisations risk cyberattacks due to not having password rotation policies in place with 27% of education workers admit to using the same passwords on rotation. All computer related devices now come with a password protection facility to ensure data and information is kept safe, but a new study reveals that many education businesses may still be leaving themselves vulnerable to cyberattacks.

A study of 1,247 workplaces by, cybersecurity experts, found that more than one in five (26%) education businesses and organisations leave themselves at risk of cyberattacks due to their lack of having (or enforcing) password rotation policies.

Of the companies and organisations that do have password rotation policies in place, 39% of employees confess that they didn’t know these policies actually existed.


Uninformed Workforce


A staggering 56% of education workers who did know about their company’s password protection policies revealed they do not adhere to them by regularly changing their password, and of those who do adhere, 27% confessed to simply using the same passwords on rotation.

For the companies and organisations without password rotation policies, only 5% of staff bother to regularly rotate or change their passwords.

The main reasons education workers cited for not changing their passwords were: they are worried they will forget their password (47%), regularly changing passwords is annoying (36%), and they don’t see the point (29%).

Surprisingly, the research also found that entry level staff in this industry were most likely to be guilty of not following password rotation policies (44%).


The Need for Password Protection

David Janssen, security researcher and founder at comments: “Password rotation policies safeguard both businesses and employees alike by protecting their work, especially when working an industry that frequently deals with sensitive information like education. Changing your password every 2-3 months is a really effective way to deter cyberattacks, and although yes, some may find it frustrating, it could save a lot of heart ache down the line.

“It’s shocking to see how many people who work in education didn’t realise what the point in regularly changing their password is, and it’s clear from our research these organisations and employees alike need to be educated on the importance of implementing policies such as these.”