Stories
Slash Boxes
Comments

SoylentNews is people

49% of Workers, When Forced to Update Their Password, Reuse the Same One With Just a Minor Change

posted by martyb on Friday December 13 2019, @03:11PM   Printer-friendly
from the https://xkcd.com/936/ dept.

An Anonymous Coward writes:

49% of workers, when forced to update their password, reuse the same one with just a minor change:

A survey of 200 people conducted by security outfit HYPR has some alarming findings.

For instance, not only did 72% of users admit that they reused the same passwords in their personal life, but also 49% admitted that when forced to update their passwords in the workplace they reused the same one with a minor change.

Furthermore, many users were clearly relying upon their puny human memory to remember passwords (42% in the office, 35% in their personal lives) rather than something more reliable. This, no doubt, feeds users' tendency to choose weak, easy-to-crack passwords as well as reusing old passwords or making minor changes to existing ones.

What is so bad about changing "Password1" to "Password2"?

Original Submission

 
This discussion has been archived. No new comments can be posted.
49% of Workers, When Forced to Update Their Password, Reuse the Same One With Just a Minor Change | Log In/Create an Account | Top | 75 comments | Search Discussion
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

  • (Score: 2) by RS3 on Friday December 13 2019, @03:47PM (3 children)

    by RS3 (6367) on Friday December 13 2019, @03:47PM (#931727)

    Yeah, sometimes I think this stuff is overdone. If someone has physical access to a computer, they can rip out a hard disk pretty quickly. And you could argue in favor of disk encryption, but if the motherboard dies (which is rare) you lose everything. But hopefully it's all backed up, right?

    I tend to keep passwords simple for low-privilege accounts, and fairly longish for admin/root stuff.

    Starting Score:    1  point
    Karma-Bonus Modifier   +1  
    Total Score:   2  

  • (Score: 0) by Anonymous Coward on Friday December 13 2019, @04:03PM

    by Anonymous Coward on Friday December 13 2019, @04:03PM (#931734)

    If you're counting on being able to get data off the disk when the computer fails, you've screwed up on so many levels.

    You're supposed to have regular backups and if what you're doing is so hard to replicate that losing a few hours of work is a problem, then you should be running those backups more frequently. I'm sure there are a few areas where you can generate data too quickly for that, but in those cases, you have other considerations and you'll likely want to use something more advanced for data storage than a single computer.

  • (Score: 2) by barbara hudson on Friday December 13 2019, @04:49PM (1 child)

    by barbara hudson (6443) <barbara.Jane.hudson@icloud.com> on Friday December 13 2019, @04:49PM (#931750) Journal

    If someone has physical access to a computer, they can rip out a hard disk pretty quickly

    I wish. Hard disk physically soldered in place, dirty rotten built-in obsolescence bastards.

    Want more storage? Buy a new machine because it's not worth unsoldering the old one and still having older hardware.

    --
    SoylentNews is social media. Says so right in the slogan. Soylentnews is people, not tech.

    • (Score: 2) by RS3 on Saturday December 14 2019, @12:01AM

      by RS3 (6367) on Saturday December 14 2019, @12:01AM (#931873)

      Or plug in a USB stick or external drive.