How much is your Password worth?
The price would be pretty steep right?
Well, according to reports from London, a good percentage of office workers polled gladly surrendered their work password for… Chocolate.
Well, not everyone caved for chocolate. Some held their password in much higher worth; it took a cheap pen to pry it out of them.
Office workers in London have been approached over several years and asked to sell their passwords for trinkets. In 2002, 65 percent of people polled gave up their work password for a pen. In 2003 it was worse, 90 percent did.
In 2004, 71 percent of people polled gave up there passwords for a candy bar. 37 percent gave it away for free!
Well, that was a long time ago, office workers have been inundated with warnings about protecting their passwords. With the increase of security policies and education, things would be much different now.
Well, as recent as 2008, things haven’t changed much. In April 2008, a poll conducted prior to the London Infosecurity Europe conference showed that chocolate was still an effective social engineering tool.
70 percent of those polled gave up not only their user name but their password as well in the name of chocolaty goodness. Some must have been on a diet, as 34 percent gave them away for free.
Granted, some may have lied just to get a candy bar, but what if they didn’t? Could your network security be compromised by a Snickers bar? Or a Twix? Or, how about this bright, shiny pen?
Users will always be the weakest link in network security. Multiple authentication methods are the best way to go.
SOURCE: “Protect your Windows Network from Perimeter to Data”, Jesper M. Johansson & Steve Riley, Addison-Wesley, 2005. Page 139 – “How Much are Your Passwords Worth?”
~ by D. Dieterle on November 10, 2010.