How much is your Password worth?

What would it take for someone to buy your password from you? Come on, be truthful, what would it really take for someone to bribe you out of your work password?

The price would be pretty steep right?

Well, according to reports from London, a good percentage of office workers polled gladly surrendered their work password for… Chocolate.

Well, not everyone caved for chocolate. Some held their password in much higher worth; it took a cheap pen to pry it out of them.

Office workers in London have been approached over several years and asked to sell their passwords for trinkets. In 2002, 65 percent of people polled gave up their work password for a pen. In 2003 it was worse, 90 percent did.

In 2004, 71 percent of people polled gave up there passwords for a candy bar. 37 percent gave it away for free!

Well, that was a long time ago, office workers have been inundated with warnings about protecting their passwords. With the increase of security policies and education, things would be much different now.

Well, as recent as 2008, things haven’t changed much. In April 2008, a poll conducted prior to the London Infosecurity Europe conference showed that chocolate was still an effective social engineering tool.

70 percent of those polled gave up not only their user name but their password as well in the name of chocolaty goodness. Some must have been on a diet, as 34 percent gave them away for free.

Granted, some may have lied just to get a candy bar, but what if they didn’t? Could your network security be compromised by a Snickers bar? Or a Twix? Or, how about this bright, shiny pen?

Users will always be the weakest link in network security. Multiple authentication methods are the best way to go.

SOURCE:  “Protect your Windows Network from Perimeter to Data”, Jesper M. Johansson & Steve Riley, Addison-Wesley, 2005. Page 139 – “How Much are Your Passwords Worth?”

~ by D. Dieterle on November 10, 2010.

3 Responses to “How much is your Password worth?”

  1. […] Read this article: How much is your Password worth? « CYBER ARMS – Computer Security […]

  2. […] This post was mentioned on Twitter by Protego Security, Cyber Arms. Cyber Arms said: How much is your password worth? – http://bit.ly/cfnB0R […]

  3. […] begs the question, should our network security be based on passwords alone? In a previous article, How Much is Your Password Worth?, I showed that people would actually give away their password for a pen or chocolate. Some just […]

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

 
%d bloggers like this: