Skip to main content

68% of IT leaders say employee motivation hinders credential security efforts

April 1, 2025

Report finds 68% of IT managers say employee motivation is the biggest challenge in remediating at-risk credentials.

Bitwarden released findings from its Business Insights Report, revealing significant gaps in credential security among over 100 IT leaders surveyed. Nearly half of organizations (48%) reported inadequate password health monitoring, with employees taking an average of nine days to update weak or compromised credentials.

While 67% of IT administrators recognize credential access management as vital, 68% struggle to enforce password management due to employee motivation issues. There are also complications stemming from a lack of visibility and user awareness, with 44% of IT admins noting employees lack knowledge on how to change passwords, and 36% citing difficulty in tracking progress towards secure practices.

Despite weak passwords being a common attack vector, 60% of IT leaders report ineffective strategies for updating at-risk credentials. The report indicates that while 53% of IT managers aspire to proactively address credential security, only 33% feel equipped to do so.

  • Approximately 60% of IT managers find their strategies for quickly updating at-risk credentials to be only somewhat or completely ineffective.
  • 66% of organizations that fail to alert employees about updating at-risk credentials cite a lack of tools or resources.

Additionally, 90% of IT admins depend on employees to manage their own credentials, primarily through email notifications (42%) or direct conversations (36%). However, over half (51%) express that employees do not take security measures seriously, which complicates remediation efforts.

IT leaders identified key strategies for enhancing password security, including:

  • 51% believe prioritizing security actions can significantly improve security posture.
  • 46% suggest intuitive workflows for non-technical users to facilitate timely password updates.
  • 45% advocate for regular training to develop strong password habits and awareness.

To bolster security, organizations are encouraged to implement tools to detect weak, reused, or exposed credentials while adopting strong password policies. This can help narrow the enterprise attack surface and enhance responses to emerging threats.

The insights in the Bitwarden Business Insights Report are based on a survey conducted with 108 IT administrators and business leaders, collected between late 2024 and early 2025.

Related Perspectives