We’ve all heard about the consequences of poor password practices again and again. Yet, users still reuse their passwords for multiple accounts, create weak passwords, or use dictionary words and compromised passwords. Why do users still follow these poor practices even in 2020?

There’s a simple psychological explanation as to why many of us still follow such practices: optimism bias. This bias leads us to underestimate both the risks and consequences of poor practices and the chances of suffering those consequences. For example, people naturally underestimate the chances of being in an accident. Similarly, a user setting a weak password thinks that it’s highly unlikely that their password will be compromised; they often consider the risk worth the comfort of being able to remember their passwords easily.


Individually, the consequence might not seem like much. However, in an organization, if a hundred employees think and act similarly, that’s a hundred potential entry points for an attacker. To prevent users from setting weak passwords or reusing passwords, there are two things you can do:

  1. Make employees want to set strong passwords by taking advantage of the herd mentality.

  2. Implement stringent password policies.

Let’s talk about herd mentality. Simply put, it’s a person’s tendency to do exactly what everyone else around them is doing. While educating your employees about good password practices and their benefits, you can also provide statistics that show how the majority of employees use strong passwords. This will give them a sense of being left out if they use weaker passwords. The users’ optimism bias can be overcome this way, and they will lean more towards setting stronger passwords in order to be a part of the crowd.

Now that users are inclined to set strong passwords, it’s up to you to guide them on how to do so. There are four simple password management practices that you can implement in your organization for your employees; these are especially important if they’re working remotely.

