An alarming proportion of IT professionals are prepared
to disclose their personal passwords to researchers in return for a
smile and a free bar of chocolate.
More than 20% of IT professionals quizzed by researchers working
for Infosecurity Europe at an IT exhibition
disclosed their passwords when asked directly by an attractive,
chocolate wielding researcher.
A further 42% revealed their passwords when the researchers
quizzed them whether their passwords were based on the name of a
child, pet or football team.
“What is most surprising is that even when IT professionals
became slightly wary about revealing their passwords, they were put
at ease by a smile and a bit of smooth talk,” said Sam Jeffers,
event manager for Infosecurity Europe.
IT professionals, however, were more security aware than the
general public. When researchers questioned commuters at London
train stations, over 40% were prepared to disclose their passwords
immediately, and 22% gave out their password under further
questioning.
Almost 30% of the people questioned admitted to knowing the
passwords of work colleagues, and 40% said they would happily hand
their password over to their IT department, if asked.
Two thirds of those surveyed said they would look at a file
containing everyone’s salaries if they were sent it by mistake and
20% said they would pass it on to colleagues.
Some 58% said they would take contacts and competitive
information with them when they left their organisation.
The researchers surveyed 300 office workers and IT staff.
Related articles:
Security policies must extend outside of the office
Web users warned to take control of online safety
Third of firms don't report e-crime
Comment on this article:
computer.weekly@rbi.co.uk
David Lacey’s security blog
The latest
ideas, best practices, and business issues associated with managing
security
Stuart King’s risk management blog
Dealing with
the operational challenges of information security and risk
management