[ISN] Why so many bad passwords? Because the rules allow them.

From: InfoSec News <alerts_at_private>
Date: Wed, 14 Mar 2012 00:33:42 -0500 (CDT)
http://gcn.com/articles/2012/03/12/bad-passwords-why-organizations-allow-them.aspx

By Kevin McCaney
GCN.com
March 12, 2012

A recent study by security company Trustwave found that the most common 
computer passwords are still variations on the word “password.”

That news won’t make anyone spit out their morning coffee; the 
prevalence of bad passwords is an established fact of life. But the 
report does shed light on why bad passwords are so common and offers 
suggestions for reducing the problem.

Trustwave’s 2012 Global Security Report, a comprehensive look at the 
security landscape, includes a section on passwords that delves into 
weaknesses in user behavior, administrative policy and the technologies 
used to manage passwords.

The company’s SpiderLabs studied 2.5 million passwords used at 
organizations and found that about 5 percent of them used a variation on 
“password,” such as “Password1,” “Password2,” “Passw0rd,” “Password123," 
and plain old “password.” Another popular one was variations on 
“welcome,” such as “WeIcome,” “Welcome1,” and so on. And the 
always-reliable “123456” made an appearance, too.

[...]


______________________________________________________________________________
ISSMP, CISSP, and Certified Ethical Hacker training with Expanding Security
gives the best training and support.  Get a free live class invite weekly.
Best program, best price. http://www.ExpandingSecurity.com/PainPill
Received on Tue Mar 13 2012 - 22:33:42 PDT

This archive was generated by hypermail 2.2.0 : Tue Mar 13 2012 - 22:27:14 PDT