A new poll conducted by Sophos reveals that employees' password choices can put sensitive business information at risk. The problem is that consistency is dangerous; users need to vary their passwords more.
The poll shows that only 14% of employees use a different password for every website they access. Unfortunately, a worrying 41% use the same password all the time, and 45% admitted that they had a small handful of passwords that they use in many places.
"It is madness to use the same password for accessing a website which tells you the football results, as the one which gives you access to your online bank account," said Graham Cluley of Sophos. "If hackers manage to steal your password, and you use the same password for all websites, then it's giving them an open invitation to steal your identity and leave you with a large hole in your virtual wallet."
Companies need to do more to educate their employees on the risks of personal and professional information loss. Simply by choosing unique, multiple passwords, a user can help combat cyber-criminal activity in the workplace.
Currently, 72% of system administrators believe their users chose weak, easy-to-crack passwords.
"Company defenses are only as strong as the weakest link in the chain. If users decide to make their password the name of their girlfriend, favorite football team or pet goldfish then they are risking business data," said Mr. Cluley. "Users must be vigilant in choosing multiple, unpredictable passwords to ensure the security of business networks and personal data."
Good advice. But as everyone who has tried to remember multiple passwords knows, difficult to follow.
For more information on this critical subject, read the recently-published eMarketer report Online Privacy and Security: The Fear Factor.