By Graham Hayday, 14 January 2003 16:10
NEWS Up to 80 per cent of calls received by helpdesk staff are from end users who've forgotten their passwords - and with each support call costing organisations around £15, the problem is not as trivial as it may sound. Over 35 per cent of respondents to a survey carried out by service management software specialist Axios Systems said that password queries accounted for between 40 and 60 per cent of all calls received by their company's IT helpdesk. Some 22.5 per cent said password issues represented between 20 and 40 per cent of helpdesk calls, with 6.5 per cent putting the figure at 60 to 80 per cent. Research group Meta has calculated that every support call costs organisations approximately $25 (£15). Ailsa Symeonides, sales and marketing director of Axios Systems, said: "The results show the central importance of having a system for rapid resetting of passwords. Many helpdesks are becoming clogged with problems caused by staff forgetting or mis-keying their passwords." The 2002 NTA Monitor Password Survey recently found that the typical intensive IT user now has 21 passwords, with some heavy users maintaining up to 70 passwords. The Axios survey was conducted at the annual conference of the UK IT Service Management Forum in Brighton last month. Over 200 delegates were polled - predominantly IT support professionals working for a wide range of private and public sector organisations.
Comments
There is 1 comment. Join the discussion
1. anonymous
I once had one of those hated help desk jobs, and I have great difficulty believing the $25 / £15 figure. Here's the protocol we used:
1. Look up the user's supervisor in our directory, and phone him/her on the internal PBX (there were few enough supervisors that it is highly likely you would recognise that person's voice.)
2. Confirm the request. Reset the password to something randomish but not too hard, like "oakdevil", set the "user must change password at next logon" checkbox, and tell the supervisor.
3. The supervisor gets the user to logon and change the password immediately. You confirm that your temporary password no longer works.
4. Email the user a stock message about passwords. An hour or so later, ring the user to confirm "the job is closed" (which also makes spoofing attacks much harder), and close the job.
5. Exceptions: there were certain highly sensitive accounts for which password changes were conveyed by "safe hand". Those guys rarely required it, however.
This process took about 3 to 4 minutes of our time, and maybe 1 to 2 minutes each for the user and supervisor. I can assure you that none of the actors in this play were being paid the approx. £140 per hour that would be required to make it cost £15. The cost would be more like £1.50, max.