Enterprise organizations have revealed disparate password management practices when it comes to training and storage, according to a recent survey.

Nearly half — 46% — of information technology (IT), security, and cybersecurity leaders say they still store passwords in shared office documents. That’s despite an overwhelming 93% of respondents that require password management training, with 63% holding training more than once per year. 

A survey conducted by Pulse on behalf of Hitachi ID asked 100 IT, security and cybersecurity professionals about enterprise password management.

“It raises an important question about how effective password management training is when nearly half the organizations are still storing passwords in spreadsheets and other documents, and 8% write them on sticky notes,” said Nick Brown, Chief Executive Officer at Hitachi ID. “Insecure passwords are still a leading cause of cyberattacks, and education alone is clearly not enough. More companies need to follow the lead of the 30% who report that they store passwords in a company-provided password manager.”

When asked whether an employee leaving the company could take passwords with them, 5% say they were extremely confident that wasn’t possible. If they have to urgently terminate an employee, only 7% of leaders are extremely confident they can transfer passwords and credentials, terminate access and maintain business continuity.

That lack of confidence has real-world implications. Some 29% of respondents say they’ve experienced an incident in the past year where they lost access to product systems after an employee left the organization.

Find out more about enterprise password management here.