49% of workers, when forced to update their password, reuse the same one with just a minor change:
A survey of 200 people conducted by security outfit HYPR has some alarming findings.
For instance, not only did 72% of users admit that they reused the same passwords in their personal life, but also 49% admitted that when forced to update their passwords in the workplace they reused the same one with a minor change.
Furthermore, many users were clearly relying upon their puny human memory to remember passwords (42% in the office, 35% in their personal lives) rather than something more reliable. This, no doubt, feeds users' tendency to choose weak, easy-to-crack passwords as well as reusing old passwords or making minor changes to existing ones.
What is so bad about changing "Password1" to "Password2"?
(Score: 0) by Anonymous Coward on Saturday December 14 2019, @05:05AM
Ubuntu has a package 'apg' that solves my password-changing issues. It can generate nice long random, memorable, pronounceable passwords:
$ apg -a0 -m16 -x16 -t -M CLNS
Abr4Drupearjerd/ (Abr-FOUR-Dru-pearj-erd-SLASH)
ajyed9osHamOlEv_ (aj-yed-NINE-os-Ham-Ol-Ev-UNDERSCORE)
Ji4FleckLeugjic[ (Ji-FOUR-Fleck-Leug-jic-LEFT_BRACKET)
Notcepvovreg6Ob# (Not-cep-vov-reg-SIX-Ob-CROSSHATCH)
der[druhiagJewl5 (der-LEFT_BRACKET-dru-hiag-Jewl-FIVE)
ep3OjvutMyobkaj] (ep-THREE-Oj-vut-Myob-kaj-RIGHT_BRACKET)
$
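An added example, not part of the article or the comment above: a change-time check that rejects a new password which is only a minor variation of the current one, such as "Password1" to "Password2". It assumes the user has just typed the current password to authorize the change, so both values are briefly available in plaintext; the function names, the character-swap map and the threshold are illustrative choices.

```python
import re

# Illustrative (not exhaustive) map of common character swaps: P@ssw0rd -> password
LEET = str.maketrans("@4310$5!7", "aaeiossit")


def core(password: str) -> str:
    """Base word: lowercase, strip non-letters from both ends, undo swaps."""
    s = re.sub(r"^[^a-z]+|[^a-z]+$", "", password.lower())
    return s.translate(LEET)


def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance (insertions, deletions, substitutions)."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def is_minor_variation(old: str, new: str, min_edits: int = 4) -> bool:
    """True if `new` should be rejected as a small tweak of `old`."""
    old_core, new_core = core(old), core(new)
    if old_core and old_core == new_core:
        return True  # same base word, only case/affix/swap changes
    return edit_distance(old.lower(), new.lower()) < min_edits


if __name__ == "__main__":
    current = "Password1"  # constructed sample values
    for candidate in ("Password2", "P@ssw0rd1!", "2019password", "Abr4Drupearjerd/"):
        verdict = "reject" if is_minor_variation(current, candidate) else "accept"
        print(f"{candidate:18} {verdict}")
```

The comparison only works at the moment of change; keeping old passwords in recoverable form to compare later would defeat the purpose of hashing them.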