The majority of administrative passwords in some of the world's largest corporations are stored in the heads of one or two IT staff or kept on paper, according to a survey by Cyber-Ark Software.
Of the 200 IT security professionals questioned at the Infosecurity event in London, 28 per cent revealed that they keep their administrative passwords in their heads and 38 per cent resort to writing them down on paper.
Cyber-Ark said that lax password management such as keeping passwords in inaccessible or unsecured locations can hinder security efforts and affect business continuity.
"In the event that the keeper of critical administrative passwords is unavailable or loses the location of the passwords, it can cause massive disruption and hours of lost productivity," the Cyber-Ark study said.
Perhaps even more worrying is that 15 per cent never change their critical passwords, and a quarter allow their IT staff to use them without permission.
"This is a serious oversight considering it is these very passwords that are the most powerful and critical of all passwords, over-riding all the others and enabling the 'administrator' to access the network, systems and the very applications which provide the backbone of enterprises worldwide," the report said.
Cotton seedling freezes to death as Chang'e-4 shuts down for the Moon's 14-day lunar night
Fortnite easily out-earns PUBG, Assassin's Creed Odyssey and Red Dead Redemption 2 in 2018
Meteor showers as a service will be visible for about 100 kilometres in all directions
Saturn's rings only formed in the past 100 million years, suggests analysis of Cassini space probe data
New findings contradict conventional belief that Saturn's rings were formed along with the planet about 4.5 billion years ago