City firms continue to reject basic best practice for IT security passwords, according to a new survey from IT company Quest Software. Quest’s study, which surveyed 200 workers in London’s Square Mile, indicates that companies are contravening a range of guidelines from the SANS Institute, the world’s largest and most trusted source of information security training and certification.
According to Quest’s findings, around half of system passwords are shorter than the recommended eight characters, making them too easy to crack.
Furthermore, 84 per cent of respondents are responsible for choosing their own passwords, whilst over 25 per cent use ‘real word’ passwords rather than the recommended alpha-numeric combinations. Both these practices are strongly discouraged as they can also lead to compromised security.
In another worrying trend, around a quarter of those workers surveyed also share passwords between work PCs and personal applications like web mail and online banking, again increasing the risk of password theft and unauthorised system access.
A third of respondents have shared confidential password information with work colleagues – another practice that raises security concerns.