Carelessness about password security among US business owners could leave critical company data on platter to hackers, according a study by two factor authentication provider, Swivel Secure.
According to the research, 74.2% of business owners keep their passwords recorded in an offline system or a written log.
Among those surveyed, about 63% of business owners re-use the same passwords to log in to different systems while 61% are not concerned about the security of corporate systems.
The negligent behaviour is said to be influencing the habits of employees, with 73% of full time workers in the US using the same batch of passwords online and only 33% using less than five different passwords to access their business and personal sites.
Swivel Secure international VP Fraser Thomas said: "A significant proportion of last year's $46bn global spend on cyber security will have been wasted as a direct consequence of password reuse.
"By continuing to rely on this outdated form of authentication, US business owners are undermining their investment in firewalls and other costly network security measures and leaving themselves dangerously exposed to cybercrime.
"Password reuse is rife. As result, it may only take one employee's Twitter or Amazon password to be hacked for unlawful and undetected access to their company systems to be gained.
"Business owners must take responsibility for securing their systems at every level within their organizations. There are a wealth of flexible, easy to use and cost effective strong authentication platforms available which can be utilized to eradicate these risks."
Swivel Secure questioned 2,500 working in the US as a part of the research on their Internet security habits.
According to the study, the carelessness increases with age, with 71% of 55- to 64-year-olds 'unconcerned' about the security of their work IT systems, compared with 47.1% of those aged between 25 and 34.
"For many, logging in with a username and password has become little more than a mechanical inconvenience," Thomas added.