Surprise! Passwords Are (Still) Weak Link in Security Chain

October 17, 2010

Despite predictions that the password will fade into obscurity, or the rise of alternative methods of authentication such as fingerprint scanners, the username and password are still the default method of accessing secure accounts and information. Unfortunately, weak passwords, and poor password practices mean the password isn’t providing very good protection in many cases.

A survey conducted on behalf of Webroot uncovered some concerning–yet not all that shocking–details about passwords. It would be nice to say that the survey results are startling, but the reality is that surveys such as this show year after year that users continue to follow the same poor password practices, and that passwords continue to be a weak link for computer and information security.

Passwords as Achilles Heel

Passwords are the primary keys to the digital kingdom, yet users show consistently poor judgment when creating and managing them.Webroot found that the most commonly used password-protected sites or resources are banks (88 percent), personal e-mail accounts (86 percent), and Facebook (72 percent). In other words, the vast majority of users rely on passwords to protect very sensitive financial and personal information.

But, the Webroot survey also found that:

• 4 in 10 respondents shared passwords with at least one person in the past year.

• Nearly as many people use the same password to log into multiple Web sites, which could expose their information on each of the sites if one of them becomes compromised.

• Almost half of all users never use special characters (e.g. ! ? & #) in their passwords, a simple technique that makes it more difficult for criminals to guess passwords.

• 2 in 10 have used a significant date, such as a birth date, or a pet’s name as a password–information that’s often publicly visible on social networks.

In Video: Disaster! How to Retrieve a Lost Windows Password

Reality Distortion Field

Webroot also uncovered a significant contradiction between how secure users believe their passwords are, and the reality demonstrated by their password practices. While half of the respondents believe their passwords are either very or extremely secure, the survey found that:

• 86 percent do not check for a secure connection when accessing sensitive information when using unfamiliar computers.

• 14 percent never change their banking password.

• 20 percent have used a significant date in a password.

• And 30 percent remember their passwords by writing them down and hiding them somewhere like a desk drawer.

Read More

Ready for a Private and Secure Online Workspace- GoSecure.com

%d bloggers like this: