A team of researchers studied a group of users of different age groups, gender, and fields of work/study to see their behavioral patterns while handling passwords. The study involved an online survey and an experiment where users were asked to create accounts for three websites. Here’s what they found:
1. In the experiment, 36 percent of respondents used the same password for all three user accounts, while 16 percent reused their passwords with slight changes.
2. The survey asked if the respondents reused their passwords, and a whopping 61 percent of them said that they did. 25 percent didn’t reuse their passwords, and 14 percent sometimes did.
3. When the respondents were asked if they were aware of the consequences of reusing passwords, 45 percent said that they were not aware.
4. The survey also had a set of questions to see if computer science or IT graduates reused their passwords. The researchers found that 22 percent of IT grads did reuse their passwords. What’s more, 18 percent knew that reusing passwords would reduce security, yet they continued the practice anyway.
5. Respondents were asked how they created their passwords. 35 percent used names, and 18 percent used words or names, but with some letters replaced with numbers and symbols. Further, 11 percent used dictionary words.
These statistics are alarming. When these not-so-safe password practices creep into an organization, it becomes a boon for attackers and a major risk for IT departments. Implementing stringent password management practices therefore become essential to curb such behavior.
Check out our e-book for simple password management practices that you can implement in your organization, and ensure that there are no hurdles in the way of your company’s flow of business.