Password Fail: Are Your Workers Using 123456? - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

IoT
IoT
Comments
Password Fail: Are Your Workers Using 123456?
Oldest First  |  Newest First  |  Threaded View
Page 1 / 3   >   >>
PedroGonzales
50%
50%
PedroGonzales,
User Rank: Ninja
1/20/2015 | 7:09:42 PM
memory classes anyone
so far nothing beats regular passwords.  As much as IT staff advises people to manage their passwords better.  The same passwords appear over and over again.  People just have too many password and can't remember all of them.  May be the solution will be for people to learn how to memorize all these complicated password. 
jastroff
50%
50%
jastroff,
User Rank: Ninja
1/21/2015 | 5:20:56 AM
Re: memory classes anyone
I don't think I ever used "password" but I've always been fond of it. I went for the sequence of numbers -- same word, but 1, 2 3...and then I couldn't remember them anyway. Good software, for home or enterprise, makes the person select something that's difficult to break, and therefore impossible to remember, and so it's written down!

On the consumer side, using Dashlane, which synchs between phone/tablet/pc is a wonderful solution. Has anyone been using this in the enterprise space? 
MemphisITDude
50%
50%
MemphisITDude,
User Rank: Strategist
1/21/2015 | 11:28:14 AM
Is this survey using old data?
"I always set my password to 'incorrect' so when I forget what it is, the computer tells me!"

But seriously, none of the "worst passwords of 2014" depicted seem to meet modern complexity requirements? Most every site I use requires a more complex password, what Web sites still accept 123456?
Canamjay
50%
50%
Canamjay,
User Rank: Guru
1/21/2015 | 12:38:50 PM
Re: memory classes anyone
interesting that this seems to follow the current trend of taking the focus away from site managers security responsibilities and ... blames the users for security breaches!! Well known security vulnerabilities have been exploited across a broad spectrum of networks and of course, every time , the user has to change passwords. There would be much better overall security if the IT folks (and the enterprises that employ them) practised proper security methods. It is clear they do not and software vendors like Oracle are at least equally to blame. Clean up these vulnerabilities and mal practices before leaning on users about their passwords which are much less often the point of breach. This is one of the worst articles I've read on this subject.
Whoopty
50%
50%
Whoopty,
User Rank: Ninja
1/21/2015 | 12:40:32 PM
Get over the hump
The problem lies mostly with the perception that saving a bunch of different passwords is going to be a real pain. Of course it's a bit slower using some password saving software, but ultimately once you've begun doing it, having customised passwords for the 30 or so sites and services you use that require them is well worth it.

Then you just have to come up with a good master password. 
vnewman2
50%
50%
vnewman2,
User Rank: Ninja
1/21/2015 | 1:28:20 PM
Re: memory classes anyone
It would be a whole lot easier if there were one type of naming convention for all passwords and then I could actually remember them, but as it stands, since websites continue to change the requirements (you must have a symbol, a symbol and a number, a symbol, number and captial letter, a symbol, number, captial letter, special character...ugh!!)  I have resorted to violating rule #1 of password protection-ness: writing them all down.

I guess I could go back to every website I visit and update all my passwords to be the exact same.  Am I actually going to do that?  No.

I guess I could store them in the cloud somewhere or with one of those fancy password keeper apps, but is that anymore secure?  What if I forget the password to that site?  I'm at a loss.  So if someone steals my little Hello Kitty notebook, I'm in big trouble.

 
Stratustician
50%
50%
Stratustician,
User Rank: Ninja
1/21/2015 | 3:20:13 PM
Re: memory classes anyone
Well, single sign-on was really aimed at fixing a lot of the issues, at least for corporate sites.  less passwords to remember, and the promise of increased security due to better authentication.  That being said, it will never address the real-world realities of every other non-work site and the risks that are inherent.  Humans are inherently lazy, and the reality is the this conversation is going to continue way too much longer than we would all like to see it.  My bet is the same password, 123456 will top the list again next year!
Angelfuego
50%
50%
Angelfuego,
User Rank: Ninja
1/21/2015 | 7:03:58 PM
Re: memory classes anyone
Lol! I cannot believe people are actually using "123456" as their password! I am shocked! It really is not a wise choice, unless you don't mind having your security compromised.
Angelfuego
50%
50%
Angelfuego,
User Rank: Ninja
1/21/2015 | 7:11:43 PM
Re: memory classes anyone
I sometimes wish that I would take the time to make all of my passwords the same as well. Sometimes the problem for me is that I forget the answer to some of my security questions. I obviously remember the answers to the questions regarding the middle names of my parents, But I forgot the answers to the questions that I ask what is my favorite movie or favorite food? I came across this issue when I was trying to change one of my passwords recently.
Angelfuego
50%
50%
Angelfuego,
User Rank: Ninja
1/21/2015 | 7:14:50 PM
Re: memory classes anyone
@jastroff, I think using your birthday is another bad password. 123abc is risky as well.
Page 1 / 3   >   >>


2020 State of DevOps Report
2020 State of DevOps Report
Download this report today to learn more about the key tools and technologies being utilized, and how organizations deal with the cultural and process changes that DevOps brings. The report also examines the barriers organizations face, as well as the rewards from DevOps including faster application delivery, higher quality products, and quicker recovery from errors in production.
Commentary
Gartner Forecast Sees 7.3% Shrinkage in IT Spending for 2020
Joao-Pierre S. Ruth, Senior Writer,  7/15/2020
Slideshows
10 Ways AI Is Transforming Enterprise Software
Cynthia Harvey, Freelance Journalist, InformationWeek,  7/13/2020
Commentary
IT Career Paths You May Not Have Considered
Lisa Morgan, Freelance Writer,  6/30/2020
Register for InformationWeek Newsletters
Video
Current Issue
Special Report: Why Performance Testing is Crucial Today
This special report will help enterprises determine what they should expect from performance testing solutions and how to put them to work most efficiently. Get it today!
White Papers
Slideshows
Twitter Feed
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Sponsored Video
Flash Poll