The High Costs of Inefficient Password Changes

Introduction

For most organizations, passwords remain the primary gateway to secure their invaluable assets. However, a lack of proper password management can become a silent resource drain. This is the story of a fictitious corporation mirroring a 50,000-employee company, and how inefficient password policies led to staggering costs in time, money, and organizational stress. Forecasting costs of password changes isn’t that difficult.

The Scenario

The company had a password policy that mandated employees to change their passwords every 30 days. While this appeared secure on the surface, it resulted in inefficiencies that rippled across the company.

The Numbers

Let’s break down the costs incurred by the company due to ineffective password policies:

Time Spent on Password Changes

1. Time taken to change a password: 5 minutes
2. Number of employees: 50,000
3. Frequency of change: Once a month

Total time spent on changing passwords per month:
5 minutes/employee x 50,000 employees = 250,000 minutes
= 4,166.67 hours
= 173.6 days

Password Resets Due to Forgetfulness

According to a Forrester Research report, around 30% of helpdesk calls are for password resets.

1. Average time for a helpdesk call: 10 minutes
2. Percentage of employees forgetting passwords: 30% of 50,000 = 15,000
3. Frequency: Monthly

Total time spent on password resets per month:
10 minutes/call x 15,000 calls = 150,000 minutes
= 2,500 hours
= 104.2 days

Financial Impact

Assuming an average hourly wage of $25:

1. Cost of password changes: 4,166.67 hours x $25 = $104,166.75/month
2. Cost of password resets: 2,500 hours x $25 = $62,500/month

Total cost per month: $166,666.75
Total cost per year: $2,000,001

Stress and Productivity Loss

The inefficiency doesn’t end with direct costs. Frequent password changes lead to:

• Reduced employee morale due to the recurring need to remember new passwords.
• Increased chances of writing down passwords, thereby compromising security.
• Diverted helpdesk resources that could be better used for other critical tasks.

What they could have done differently

1. Implement Multi-Factor Authentication (MFA): Adding a second layer of authentication could have minimized the need for frequent password changes.
2. Single Sign-On (SSO) Solutions: This would reduce the number of passwords an employee has to remember.
3. Password Management Software: Such software could generate, retrieve, and store complex passwords, reducing the cognitive load on employees.

The Costs of Password Changes

The company’s journey serves as a cautionary tale for large organizations. A flawed password policy can result in not just financial loss but also a decline in employee productivity and well-being. Implementing modern authentication solutions can significantly reduce these hidden costs while enhancing security.

To see how GateKeeper Enterprise can revamp your password policies and save significant costs, read some of our case studies and customer reviews.

By integrating these insights into your proposal, you’ll effectively show the prospective client the critical need for adopting efficient password management solutions like GateKeeper Enterprise.