Passwords still the weakest link

Businesses are still struggling to convince their staff of the importance of password security, according to a survey of 67,000 users.

The survey by IT security access company SafeNet revealed that half of all employees wrote their passwords down and a third shared them.

Conducted among its customers, partners and resellers it also found that 68% of organisations had enhanced their security policies from over a year ago, by requiring longer or more complicated passwords.

But repeatedly changing passwords for networked applications brought its own problems.

Many users reported that they were unable to remember their passwords, with large numbers writing them down. More than 80% of respondents had three or more passwords, with 67% using these passwords to access five or more applications.

And users were seeing an increase in the number of times they had to re-set their passwords, which made it difficult for many to remember them.

Companies requiring password changes three to four times a year increased by 1% from a year ago, from 22% to 23%. Companies that changed their passwords five or six times a year also increased by 1%, from 14% to 15%.

The number that changed passwords seven or more times a year grew by 3%, from 27% to 30%.

The survey also found that 68% of organisations had enhanced their security policies from over a year ago, by requiring longer or more complicated passwords.

But simply increasing password security was not enough, SafeNet warned, companies had to adopt other measures, such as USB tokens and smartcards for network access.