|
| |
 |
Study reveals lack of password security |
A new study by Infosecurity Europe has found that a worrying number of IT professionals are less than secure with their system passwords, despite widespread knowledge of the associated risks. The survey, which polled 300 IT and office workers in London rail stations and an IT exhibition, found that 64% of people were prepared to reveal their passwords in response to questions, and in some cases, in exchange for a bar of chocolate. The research was aimed at discovering whether IT professionals are more security conscious than other office workers.The researchers asked respondents if they knew what the most common password is and then asked them what their password was. Only 22% of IT professionals revealed their password at this point compared to 40% of commuters, if at first they refused to give their password the researchers would then ask if it was based on a child, pet, football team, etc, and then suggest potential passwords by guessing the name of their child or team. By using this technique, a further 42% of IT professionals and 22% of commuters then inadvertently revealed their password. This then took the total number of people who revealed their password to 64% overall for both groups. “This survey shows that even those in responsible IT positions in large organisations are not as aware as they should be about information security,” said Sam Jeffers, Event Manager for Infosecurity Europe 2007 the number one event dedicated to information security which takes place at Olympia, London from 24th to 26th April 2007. “What is most surprising is that even when the IT professionals became slightly wary about revealing their passwords, they were put at their ease by a smile and a bit of smooth talk. It just goes to show that we still have a long way to go in educating people about security policies and procedures as the person trying to steal data from a company is just as likely to be an attractive young woman acting as a honey trap as a hacker using technology to find a way into a corporate network.” |
|
