Human Error Continues To Create Password Hygiene Challenges

The findings of the 2025 Cybersecurity Pulse Survey reveal ongoing and troubling employee behaviors related to password security.

Despite years of cybersecurity training and repeated incidents, many employees continue to write passwords on Post-it notes and leave them in plain sight at their desks, undermining organizational security.

The survey uncovered that password reuse and sharing are still alarmingly common, showing a disconnect between company policies and actual employee practices. It highlights a pervasive sense of frustration among workers, who find strict password policies cumbersome and often circumvent them for convenience, inadvertently increasing the risk to their organizations.

The findings indicate that despite advances in security technologies, human error and lax discipline remain significant challenges in protecting sensitive data. The piece underscores that even as companies invest in advanced software and multifactor authentication, these efforts are frequently rendered ineffective by weak human practices such as poor password hygiene, careless sharing, and storing plaintext passwords in unsecured locations. Rather than technical vulnerabilities, it's often the basic lapses in user behavior that give cybercriminals easy access to sensitive information.

Source: https://finance.yahoo.com/news/passwords-post-2025-cybersecurity-pulse-130000781.html

Commentary

A highlight of the article is that human error and lax discipline remain a challenge to protecting data, especially with regard to passwords and password security.

Below is a checklist of password practices to avoid as part of good password hygiene:

  • Simple passwords
    • 123456
    • Password
    • Qwerty
  • Short passwords
    • okgo
    • 1234
  • Single word passwords
    • Admin
    • guest
    • Welcome
    • Monkey
  • Personal passwords
    • Names
    • Birthdates
    • Pet names
  • Dictionary passwords
    • Common words found in a dictionary
  • Default passwords
    • Passwords provided by a manufacturer/developer
  • Predictable patterns/sequences
    • Abcd1234
    • Aabbccddeeffgg
    • 111111
    • 1a2b3c4d
  • Keyboard patterns
    • Qwerty
    • Asdfgh
    • 1q2w3e4r
  • Common substitutions of numbers/special characters for letters
    • P@ssw0rd
    • Pa55w0rd
    • Pa$$w0rd
  • Incremental or pattern changes to a password
    • Changing from "qwerty1" to "qwerty2"
  • Same password used for multiple, different accounts
  • Sharing passwords
  • Passwords not regularly altered/updated
  • Passwords not altered/updated after a security breach/warning
  • Passwords not altered/updated after voluntary disclosure for repairs/troubleshooting/other reasons
  • Unsecured passwords
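
Several items on the checklist above can be screened automatically when a user sets a password. The following Python is an added example, not code from the article or the survey; the function names, the 12-character minimum and the small blocklist (built from the checklist's own examples) are assumptions.

```python
import re

# Constructed sample blocklist, taken from the examples in the checklist above.
COMMON = {"123456", "password", "qwerty", "admin", "guest", "welcome", "monkey"}
# Keyboard rows plus one diagonal walk (US QWERTY layout assumed).
KEY_ROWS = ("1234567890", "qwertyuiop", "asdfghjkl", "zxcvbnm", "1q2w3e4r5t6y")
# Common character-for-letter substitutions, undone before the blocklist lookup.
LEET = str.maketrans("@4031!5$7", "aaoeiisst")
MIN_LENGTH = 12  # assumed policy value, not from the article


def _has_run(text, n=4):
    """True if text contains n characters with consecutive code points (abcd, 1234)."""
    run = 1
    for a, b in zip(text, text[1:]):
        run = run + 1 if ord(b) - ord(a) == 1 else 1
        if run >= n:
            return True
    return False


def _stem(pw):
    """Lowercased password with any trailing digits removed."""
    return re.sub(r"\d+$", "", pw.lower())


def audit(password, previous=None):
    """Return the checklist categories a candidate password falls into."""
    pw = password.lower()
    squeezed = re.sub(r"(.)\1+", r"\1", pw)  # aabbcc -> abc, 111111 -> 1
    findings = []
    if len(password) < MIN_LENGTH:
        findings.append("short")
    if pw in COMMON:
        findings.append("common")
    elif pw.translate(LEET) in COMMON:
        findings.append("substitution")
    # Repeated single character, straight sequence, or interleaved (1a2b3c4d).
    if len(squeezed) == 1 or _has_run(squeezed) or (
            _has_run(pw[::2]) and _has_run(pw[1::2])):
        findings.append("sequence")
    if any(pw[i:i + 4] in row for row in KEY_ROWS for i in range(len(pw) - 3)):
        findings.append("keyboard")
    if previous and password != previous and _stem(password) == _stem(previous):
        findings.append("incremental")
    return findings
```

An empty list means none of the screened patterns matched; it does not cover reuse across accounts, sharing, or personal details, which need controls outside the password string itself.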


 
