Training Toolkit

Like passwords for chocolate?

Munir Kotadia ZDNet.co.uk

Published: 20 Apr 2004 08:50 BST

A survey of office workers in London found that almost three quarters would reveal their network-access password in exchange for a bar of chocolate.

The survey was conducted by the organisers of Infosecurity Europe 2004, a security exhibition to be held in London next week. They offered 172 commuters at Liverpool Street Station a bar of chocolate if they would reveal their corporate password. Surprisingly, 37 percent immediately agreed, while another 34 percent were persuaded to give up their secret access codes when the interviewer commented that it was most likely to be the name of their pet or their child.

Claire Sellick, event director for Infosecurity Europe 2004, said the results prove that employers are not educating their users about the importance of information security: "This comes down to poor training and procedures. Employers should make sure that their employees are aware of information security policies and that they are kept up-to-date," she said in a statement.

According to the survey, most participants were unhappy remembering so many different passwords and would prefer to use either biometric authentication -- such as fingerprint recognition -- or smartcards. "Clearly, workers are fed up with having to remember multiple passwords and would be happy to replace them with alternative identification technology," said Sellick.

At the RSA Security conference in San Francisco last month, Microsoft's chairman Bill Gates said traditional passwords are dying out because they cannot be relied on to keep critical information secure. During his keynote, Gates said: "There is no doubt that over time, people are going to rely less and less on passwords. People use the same password on different systems, they write them down and they just don't meet the challenge for anything you really want to secure."