By editorial@silicon.com, 27 May 2002 17:30
COMMENT It's official - most of us are really quite dull and unimaginative when it comes to passwords. Nicknames, pop stars, football teams - and that's about as far as it goes. Pets' names are also an over-used favourite. But be warned - using your moggy's name as a password is just asking for trouble - especially if you do nothing but talk all day about "Buttons". As daft as it might sound, a recent survey by Orthus found "password" is an even more popular password. Is yours any better?

In our defence, human memories are not equipped with the ability to remember complex mathematical patterns - just simple word associations. And although we remember PIN numbers, lock combinations and phone numbers, most of us have a deep fear of the digit-word combo password. But maybe it's time users were forced to stretch themselves. After all, it's clear humans are the weakest link when it comes to IT security.

Richard Hollis, managing director of security specialist Orthus, suggests that approaching passwords the same way you might a pair of knickers might just sort things out. He said: "Passwords are like underwear. You shouldn't leave them out where people can see them. You should change them regularly. And you shouldn't loan them out to strangers."

The importance of passwords is often overlooked and users are allowed to get away with using the most easy-to-guess words. But they are, of course, just as important as antivirus protection, for instance. The simplest act of social engineering, such as password guessing, could potentially expose a massive hole in the company's IT system, allowing hackers in to do their dirty work.

But it's never too late to change that ropey password. Go on - do it now. Put "Button" out of her misery.

What are your worst password blunders? Tell us how many nicknames, star signs and pets you have used as passwords. Just how unimaginative have you been?

Comments
1. Nohj Edo
What can you expect?
It is common sense for people to choose passwords that they can remember. If someone is given the option to choose a password, they are most likely to pick a dictionary word which relates in some way to their everyday life. Which makes more sense than picking a more secure alpha-numeric password which is most likely harder to remember than a word but is less secure. So there is a trade-off between increased security and password retention.
2. anonymous
I often use old vehicle registration numbers, but only of cars I haven't owned for a long time. Also, I had to create about a hundred passwords for a company; I used phrases but with number substitutions, such as L4z7S0d5.