We must transform our way of thinking

A recently conducted survey shows that most users resort to insecure methods of storing passwords because they are overwhelmed by the number of passwords needed to do their everyday jobs.

According to the research, 25% of users keep passwords in a spreadsheet, 22% store them on a PDA, while 15% simply write them down and keep them in a “safe place”.

People are forced to handle so many passwords that it is impossible to remember them all. More than 25% of users handle over 13 different passwords, and another 30% juggle 6 to 12 passwords. What’s more, most employees in companies are required to change their passwords every 3 to 6 months. The passwords must be at least 8 characters long, include digits and letters and comply with all existing security standards. Besides, the newly changed password should by no means resemble the previous one.
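The policy described above, as an added example that is not part of the original post: a checker for the stated rules (minimum length, digits plus letters, and no resemblance to the previous password). Measuring “resemblance” by edit distance and the 0.6 similarity threshold are my assumptions, not something the post specifies.

```python
"""Checker for the password policy described in the post (added example).
The resemblance rule is approximated with Levenshtein edit distance;
the threshold below is an assumption, not part of the post."""
import re
from typing import List, Optional

MIN_LENGTH = 8          # "at least 8 characters long"
MAX_SIMILARITY = 0.6    # assumed cut-off for "resembles the previous one"


def levenshtein(a: str, b: str) -> int:
    """Edit distance between a and b (insertions, deletions, substitutions)."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,            # delete ca
                           cur[j - 1] + 1,         # insert cb
                           prev[j - 1] + (ca != cb)))  # substitute
        prev = cur
    return prev[-1]


def similarity(a: str, b: str) -> float:
    """1.0 for identical strings, 0.0 for nothing in common (case-insensitive)."""
    a, b = a.lower(), b.lower()
    longest = max(len(a), len(b)) or 1
    return 1.0 - levenshtein(a, b) / longest


def check_password(new: str, previous: Optional[str] = None) -> List[str]:
    """Return the list of policy violations; an empty list means the password passes."""
    problems = []
    if len(new) < MIN_LENGTH:
        problems.append(f"shorter than {MIN_LENGTH} characters")
    if not re.search(r"\d", new):
        problems.append("contains no digit")
    if not re.search(r"[A-Za-z]", new):
        problems.append("contains no letter")
    # The resemblance rule catches the classic "Summer2023" -> "Summer2024" rotation,
    # which is exactly what users reach for when forced to change every few months.
    if previous is not None and similarity(new, previous) >= MAX_SIMILARITY:
        problems.append("too similar to the previous password")
    return problems


if __name__ == "__main__":
    # Constructed sample values, not real credentials.
    print(check_password("Summer2024", previous="Summer2023"))
```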

In this connection, I found some interesting ideas on the DMAC blog. From a security standpoint, all security measures continue to have the same flaw: “They are vulnerable to end user laziness”. In fact, a security solution is only as strong as its weakest link, and “unfortunately it’s Bill the dad of 4 who doesn’t give two cents about your password policy”.

“Security and Laziness must combine”. We must transform the way we think as security professionals. We must put ourselves in Bill’s shoes. Security professionals and end users must reach a compromise.

