What businesses can learn from the Password Manager Annual Report 2022

What businesses can learn from the Password Manager Annual Report 2022

According to the Password Manager Annual Report 2022, digital passwords remain both a primary tool for security and a target for malicious online hackers. While password managers help further secure login credentials, users still have a way to go in maximizing these apps for greater protection.

Here are some key takeaways from the report, and how your business can improve its cybersecurity practices today.

Strong passwords are a must

Based on the National Institute of Standards and Technology’s guidelines, every quality password should have the following four characteristics:

  1. Unique – isn’t used for any other account
  2. Lengthy – has a minimum of eight characters
  3. Updated – changed whenever there is a potential breach or suspected malicious activity
  4. Divorced from any personal meaning – doesn’t contain clues or hints that can be found on social media or other online networks

However, since most Americans choose to memorize their passwords (41%) or document them through physical (32%) or digital notes (25%), they are likely to use easy-to-remember passwords that are also easy to crack for cybercriminals.

Related article: How to get the most out of Microsoft Teams

Read also: 8 of the most dangerous places to store your passwords in

This is where a password manager comes in handy. It securely stores all of your passwords for you, so you don’t have to memorize all of them. You just need to memorize one password called a master password to unlock the password manager and access all of your login credentials. A password manager can generate strong passwords for each of your accounts, helping better secure your company data and IT systems.

Professional use is still limited

Of those currently relying on password managers, the overwhelming majority are reportedly using them for personal reasons. According to the report, professional use may be limited, as most organizations still rely on inadequate password management methods. These include requiring a single (though regularly updated) password and only one added layer of verification, typically through two-factor authentication or security tokens.

Based on these findings, it is clear that many organizations can improve their password practices — and implementing a password manager is an excellent first step in doing so.

Relying solely on password managers isn’t enough

Enhancing your company’s password practices shouldn’t stop at simply installing a password manager. Employees must also be trained how to use the company password manager properly, as breaches can still take place when it is used incorrectly.

According to the report, some password manager users still found themselves experiencing identity theft, with many of these linked to improper use of the app. Nearly half of the users who had their identities stolen were using their master password for other accounts, in which the corresponding login credentials were stored in the password manager. This risky practice removes all the crucial layers of security a password manager aims to provide, and it has increased from 19% in 2021 to 25% in 2022.

Related article: How to get the most out of Microsoft Teams

Read also: Tips for creating a strong master password

When a company provides a password manager, they must train employees how to use the password manager properly and create a strong master password. Employees should also undergo regular cybersecurity awareness training so that they will more likely practice good cybersecurity habits, become better at spotting and responding to different cyberthreats, and also become aware of the company’s cybersecurity policies.

Don’t wait for your business to become a victim of cybercrime. Bolster your organization’s cyber defenses today by partnering with the IT security experts at Fidelis. We offer an extensive range of robust, top-of-the-line cybersecurity services, including managed security services, dark web scanning, network security, business data protection, and security training. Get in touch with us today.


Deciding whether to have an in-house IT team or a managed IT services provider (MSP) manage your business IT infrastructure can be difficult. This eBook from Fidelis will help you determine which option is best for your company.DOWNLOAD HERE