49% of workers, when forced to update their password, reuse the same one with just a minor change:
A survey of 200 people conducted by security outfit HYPR has some alarming findings.
For instance, not only did 72% of users admit that they reused the same passwords in their personal life, but also 49% admitted that when forced to update their passwords in the workplace they reused the same one with a minor change.
Furthermore, many users were clearly relying upon their puny human memory to remember passwords (42% in the office, 35% in their personal lives) rather than something more reliable. This, no doubt, feeds users' tendency to choose weak, easy-to-crack passwords as well as reusing old passwords or making minor changes to existing ones.
What is so bad about changing "Password1" to "Password2"?
(Score: 5, Informative) by barbara hudson on Friday December 13 2019, @04:35PM
When you know the user needs to use at least 1 digit, and 1 special character, you've eliminated the need to check all alpha-only passwords.
Second, because so many people need password resets, it's easier to convince the keepers of the keys to reset a password via social engineering - hence the epidemic of identity theft.
Biometrics? Fingerprint readers don't actually compare fingerprints- they generate a number based on a small number of features of a fingerprint. Doesn't work if you don't have well defined features, like mine. We tried registering my fingerprint on a time clock for weeks. Never worked. I deleted my bank app when they needed fingerprint I'd because I don't want to get locked out by 10 failures of verification.
And we all know facial ID also can be easily compromised.
Only physical security can be trusted- anything else is smoke and mirrors.
SoylentNews is social media. Says so right in the slogan. Soylentnews is people, not tech.