LogMeIn: Poor Or Reused Passwords Responsible For 80 Percent Of Breaches

‘Right now with COVID, most companies are sharing their passwords just in an email, and that is not secure. That can be hacked very easily,’ says Jason Lucero, MSP channel manager for LastPass by LogMeIn.

Sixty-six percent of people use the same passwords for their accounts and if their passwords are poor, then they’re that much more at risk of being hacked, according to Jason Lucero, MSP channel manager for LastPass by LogMeIn.

At the XChange+ 2021 event, hosted by CRN parent The Channel Company, Lucero spoke to MSPs about the importance of password management and how LogMeIn can benefit them and their customers.

According to a Verizon Data Breach Report, 80 percent of data breaches are the result of poor or reused passwords, he said.

“Right now with COVID, most companies are sharing their passwords just in an email, and that is not secure,” Lucero said. “That can be hacked very easily.”

About 300 billion passwords are used by humans and machines worldwide, he said in his session at Xchange+ 2021. Of those 300 billion, 15 billion logins are now circulating on the dark web.

[Related: Datto’s Rae: ‘Who Is Key In Digital Transformation? The Managed Service Provider]

Meanwhile, according to a study from Ovum, 76 percent of employees report experiencing regular password problems and a study from Accenture found that 68 percent of business leaders feel that their cybersecurity risks are increasing. These factors will contribute to the identity and access management space becoming a $24 billion market by 2025, Lucero said.

“You can have your regular RMM package that you’re reselling as an MSP,” he said. “And then you can add in identity and access management, and it’s some really great, nice recurring revenue.”

Michael Agboh, CTO of Signature Technology Solutions, a Farmington Hills, Mich.-based MSP, is a LogMeIn partner and said having one secure place to have all your passwords is critical.

“Password management is unique because most of the time, if you work in IT, you have so many passwords and most people don’t want to manage their passwords,” he said. “They want it to be a free-for-all.”

Although password management may be an inconvenience because it requires more steps and costs more, when Agboh talks about the money customers would save versus how much money they would lose if they were hacked, “then they tend to listen to what we have to say,” he said.

Convenience around password management is key, agreed Jonathan Highman, COO of ITPartners+, a Grand Rapids, Mich.-based MSP.

“[They say], ‘It’s too much work to have to change my passwords. The requirements are too complicated. I can’t remember. I want to just tweak a number,’” he said. “Password management tools … there’s no other way to do it. You have to have the multifactor authentication and a complicated password. It’s kind of the standard minimum requirement to really start to be secure.”

LogMeIn’s LastPass provides a secure location where all passwords can be stored with a single access, said Tim Coach, director of operations for NetrixIT, a Mendota Heights, Minn.-based MSP.

“The great thing about LastPass is it provides a password solution that can be used both as an individual and for the business clients,” he said. “Currently with all the systems’ two-factor authentication [and] going to the cloud, passwords are becoming more and more critical in the individual user’s environment. In order to continue with password complexity, people just can’t remember multiple passwords and all the complexities [that go] with it.”