Stories
Slash Boxes
Comments

SoylentNews is people

49% of Workers, When Forced to Update Their Password, Reuse the Same One With Just a Minor Change

posted by martyb on Friday December 13 2019, @03:11PM   Printer-friendly
from the https://xkcd.com/936/ dept.

An Anonymous Coward writes:

49% of workers, when forced to update their password, reuse the same one with just a minor change:

A survey of 200 people conducted by security outfit HYPR has some alarming findings.

For instance, not only did 72% of users admit that they reused the same passwords in their personal life, but also 49% admitted that when forced to update their passwords in the workplace they reused the same one with a minor change.

Furthermore, many users were clearly relying upon their puny human memory to remember passwords (42% in the office, 35% in their personal lives) rather than something more reliable. This, no doubt, feeds users' tendency to choose weak, easy-to-crack passwords as well as reusing old passwords or making minor changes to existing ones.

What is so bad about changing "Password1" to "Password2"?

Original Submission

 
This discussion has been archived. No new comments can be posted.
49% of Workers, When Forced to Update Their Password, Reuse the Same One With Just a Minor Change | Log In/Create an Account | Top | 75 comments | Search Discussion
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

  • (Score: 3, Funny) by DannyB on Friday December 13 2019, @04:47PM (5 children)

    by DannyB (5839) Subscriber Badge on Friday December 13 2019, @04:47PM (#931748) Journal

    As I have pointed out before [soylentnews.org], organizations should encourage their employees to use the one and only secure password. [mostsecure.pw]

    As I said previously:

    I won't post [the password] here, for security reasons, so you'll have to visit the link. [mostsecure.pw]

    I tested that site on SSLLabs [ssllabs.com], and it scores a grade of A. So that is definitely the password I'm going to use from now on!

    All corporate managers should issue a directive to their employees to begin using this password at once!

    In addition to the security, another advantage is that you will no longer need password manglers.

    --
    The lower I set my standards the more accomplishments I have.
    Starting Score:    1  point
    Moderation   +1  
       Funny=1, Total=1
    Extra 'Funny' Modifier   0  
    Karma-Bonus Modifier   +1  
    Total Score:   3  

  • (Score: 0) by Anonymous Coward on Friday December 13 2019, @05:03PM

    by Anonymous Coward on Friday December 13 2019, @05:03PM (#931759)

    That password works well when you want a pay raise and a few extra weeks of paid vacation, and I'm now the CEO of Apple, M$, Tesla, and own an island in the Caribbean.

  • (Score: 2) by Osamabobama on Friday December 13 2019, @05:41PM (2 children)

    by Osamabobama (5842) on Friday December 13 2019, @05:41PM (#931769)

    Can’t connect securely to this page

    This might be because the site uses outdated or unsafe TLS security settings. If this keeps happening, try contacting the website’s owner.

    Your TLS security settings aren’t set to the defaults, which could also be causing this error.

    My employer doesn't want me to know...

    --
    Appended to the end of comments you post. Max: 120 chars.

    • (Score: 2) by DannyB on Friday December 13 2019, @06:21PM

      by DannyB (5839) Subscriber Badge on Friday December 13 2019, @06:21PM (#931785) Journal

      I would point out:

      Your TLS security settings aren’t set to the defaults, which could also be causing this error.

      On SSLLabs, which I just tried again, [ssllabs.com] and it gets a Grade A on both its IPv4 and IPv6 addresses, I notice the following. SSLLabs only tested it on TLS 1.2 because SSLLabs says: "For TLS 1.3 tests, we only support RFC 8446."

      --
      The lower I set my standards the more accomplishments I have.

    • (Score: 1) by nitehawk214 on Friday December 13 2019, @06:32PM

      by nitehawk214 (1304) on Friday December 13 2019, @06:32PM (#931791)

      It is hunter2 [bash.org]

      --
      "Don't you ever miss the days when you used to be nostalgic?" -Loiosh

  • (Score: 2) by captain normal on Friday December 13 2019, @07:49PM

    by captain normal (2205) on Friday December 13 2019, @07:49PM (#931810)

    Right...Just try remembering that 20 minutes from now. Unless you write it down (maybe like the NASA guy in a TV interview a few years ago, in the background was a computer on which there was a clearly visible post it note with a line of characters under the label "password'). The problem is that there are way too many places where a password is required. Way too many for our simple monkey brains to remember them all.
    Whoever comes up with a real solution could be rich enough to buy a small country.

    --
    Everyone is entitled to his own opinion, but not to his own facts"- --Daniel Patrick Moynihan--