Tuesday, April 20, 2004

And the key is under the mat

Security Pipeline | Will Trade Passwords For Chocolate
Almost three quarters of office workers in an impromptu man-on-the-street survey were willing to give up their passwords when offered the bribe of a chocolate bar.

... Some 37 percent of workers surveyed immediately gave their password. If they initially refused, researchers used social engineering tactics, such as suggesting that the password has to do with a pet or children's name. An additional 34 percent revealed their passwords at that point.

The company said: "Of the 172 office workers surveyed many explained the origin of their passwords, such as 'my team - Spurs,' 'my name - Charlie,' 'my car -minicooper,' 'my cat's name - Tinks.' The most common password categories were family names such as partners or children (15%), followed by football teams (11%), and pets (8%). The most common password was 'admin.' One interviewee said, 'I work in a financial call center, our password changes daily, but I do not have a problem remembering it as it is written on the board so that every one can see it.... I think they rub it off before the cleaners arrive."
You think?

And then there's the ever-popular "password".

No comments: