In a survey of 1,000 U.S. workers by PasswordManager.com, 47% of respondents admitted that they still used passwords of former employers. Workers most often used these passwords to access company email, paid tools, subscriptions and even company data.
For the most part, their motivation was not malicious. More than half of workers (56%) said they accessed these accounts for personal use, while others wanted to connect with former clients or customers (43%) or needed help with another job (39%). However, 10% said they wanted to disrupt company activities, which has major security implications.
Workers were most often able to access these accounts because the passwords had not changed since they left or because a current employee shared the password with them.
“Companies should create incentives for managing information properly and consider penalties or corrections for intentional or negligent use of information, including passwords and company accounts,” said Daniel Farber Huang, head of privacy and cybersecurity at PasswordManager.com.