Posted 02/14/09 at 05:51:15 PM by Pulkit Chandna

It is a disgrace that humans haven’t still got the hang of setting passwords. It seems as though that most internet users have inextricably tethered themselves to a promise of not setting strong-enough passwords, which may force hackers to reconsider their choice of profession for its grueling nature. As you devour more of this story, you will begin to envy hackers for having it stroll-in-the-park easy.

A new study has revealed – rather reiterated - that internet users nonchalantly continue to set unimaginative, fatuous passwords. The study appraised 28,000 passwords that were recently stolen from a U.S website.

Sixteen percent of the users had set their first name as their password. Around fourteen percent chose easiest to recall key combinations, including “1234” and “12345678”. Other users, who apparently don’t rate their mathematical ability highly, chose to steer clear of numbers and settled for passwords such as “AZERTY” and “QWERTY”.

Five percent of the passwords were found to be inspired by popular things and celebrities, including names of movies, TV shows and actors. The strongest password in this category was found to be “Ironman” as it sounds impenetrable.

Three percent of the people reckon passwords are another medium of expression. How else would you explain passwords like “Iloveyou” and “Ihateyou?”

Read More

Posted 09/09/08 at 06:18:38 PM by Paul Lilly

In the end, it might be easier keeping a problematic IT administrator on board than to let him go. Top level execs take note - according to a new survey, which pinged 300 IT administrators still with a job, a staggering 88 percent admitted they would steal company secrets if they were laid off.

The information IT professionals not-yet-scorned said they'd take include the CEO's passwords, the customer database, R&D plans, financial reports, M&A plans, and the company's list of privileged passwords. And when it comes to that last one, administrators don't even need to be laid off in order to start poking around. More than a third of those surveyed claimed to have used privileged passwords to snoop on the network, look up salaries, and peek at other personnel details assumed to be private.

"Our advice is secure the most privileged data, and routinely change and manage them, so that if an employee's contract is terminated, whether sacked or made redundant, they can't maliciously play havoc inside the network or vindictively steal data for competitive or financial gain," said Udi Mokady, chief executive of security firm Cyber-Ark.

Sound advice, but is it futile?

Read More