Storage News
Security News
Networking News 
 FREE NEWSLETTERS
search
 

internet.commerce
Be a Commerce Partner
Dental Insurance
Corporate Gifts
Build a Server Rack
Disney World Tickets
Online Education
Holiday Gift Ideas
Promotional Golf
Promos and Premiums
Remote Online Backup
Car Donations
Online Universities
Web Hosting Directory
KVM Switches
Logo Design

internet.com
IT
Developer
Internet News
Small Business
Personal Technology
International

Search internet.com
Advertise
Corporate Info
Newsletters
Tech Jobs
E-mail Offers


Untitled table test
Register here for your free Internet.com membership to download your Justifying and Funding Infrastructure Investments report.

This independent report will help you make the case for your IT investments. Topics covered include:

Measuring Infrastructure Value
Justifying New Investments
Establishing an Infrastructure Value Chain and More.
Register now for your free Internet.com membership to download your complimentary Forrester report.
Limited Time Offer!

Security Products
 Message Classification / Document Classification (Titus Labs)
 IronKey (IronKey, Inc)
 Mazu Profiler (Mazu Networks, Inc)
 MHZ2 CJ Series (Fujitsu Computer Products of America, Inc)
 Secure Mail / Secure DOX (Echoworx Corp)
 Enterprise Security Reporter (ScriptLogic Corp)
» Enterprise IT Planet » Security » Security News

Visit ServerWatch for summaries of server and development tool updates, the latest on server news and trends, and more.

Low-Tech Password Cracker: Chocolate

By Enterprise IT Planet Staff
April 20, 2004

Email Print Digg This Add to del.icio.us
Trade your password for a bar of chocolate? You would probably (and responsibly) decline, but some Londoners took up the offer.

Out of a small sample of 172 office workers that were approached on the street, more than a third (37%) willingly divulged their password when simply asked, according to Infosecurity Europe 2004's organizers. Sadly, a large majority -- a full 71 percent -- forked over the information when bribed with chocolate.

Last year, 90 percent of office workers approached at the Waterloo Station accepted a cheap pen in exchange for their password. 65% of those surveyed did so the year before in 2002.

Indeed while chocolate may prove difficult for those with a sweet tooth, many still fall victim to social engineering, or in this case, a little light prodding minus the candy. Interviewers found that by fishing for the answer, such as implying that it is likely to be someone they know or a favorite sports team, workers broke down and let the secret slip. 34 percent fell for this ploy. The most common passwords, incidentally, were based on the names of loved ones, cars, teams and pets.

The survey also found that 40 percent knew their co-workers passwords, and that 20 percent never change their passwords while 51 do so on a monthly basis.

Disturbingly, many keep their passwords in a drawer scribbled on a piece of paper or in easily accessible Word files. Also troubling for its potential to launch both identity theft scams and breaches in corporate network security is the fact that roughly two thirds of those surveyed used the same password for work and personal business.

Luckily, 53 percent said they would never reveal a password over the phone, as opposed to walking up to them in the street and just asking apparently. What would the other 47 percent do? That's something for IT managers to ponder.

Nonetheless, the survey and its shocking results will surely be a topic of discussion during next week's Infosecurity Europe 2004 conference in Olympia, London during April 27-29.

Email Print Digg This Add to del.icio.us

Security News Archives

eBook: Evaluating Software as a Service for Your Business. Sponsored by Webroot
Five Trends for Application Development & Program Management. Download Complimentary Report Now.
Best Practices: Make the Case for IT Investments. Complimentary Independent Report. Download Now!
HP eBook: Using Business Service Management (BSM) to Manage Your Business Applications
Learn about expanding business opportunities for the reseller channel. Visit IT Channel Planet.



Whitepaper: HP Integrated Citrix XenServer for HP ProLiant Servers
Sponsored by HP, Citrix, and Intel
Learn how a single server can be easily and rapidly set up as a virtualization server to manage the server and the virtual machines. Download this whitepaper now and get a chance to receive FREE XenServer HP Select Edition Software.
Solutions for Technology Professionals from Internet.com



JupiterOnlineMedia

internet.comearthweb.comDevx.commediabistro.comGraphics.com

Search:

Jupitermedia Corporation has two divisions: Jupiterimages and JupiterOnlineMedia

Jupitermedia Corporate Info


Legal Notices, Licensing, Reprints, & Permissions, Privacy Policy.

Advertise | Newsletters | Tech Jobs | Shopping | E-mail Offers
Solutions
Whitepapers and eBooks
Microsoft Article: Will Hyper-V Make VMware This Decade's Netscape?
Microsoft Article: 7.0, Microsoft's Lucky Version?
Microsoft Article: Hyper-V--The Killer Feature in Windows Server 2008
Avaya Article: How to Feed Data into the Avaya Event Processor
Microsoft Article: Install What You Need with Windows Server 2008
HP eBook: Putting the Green into IT
Whitepaper: HP Integrated Citrix XenServer for HP ProLiant Servers
Intel Go Parallel Portal: Interview with C++ Guru Herb Sutter, Part 1
Intel Go Parallel Portal: Interview with C++ Guru Herb Sutter, Part 2--The Future of Concurrency
Avaya Article: Setting Up a SIP A/S Development Environment
IBM Article: How Cool Is Your Data Center?
Microsoft Article: Managing Virtual Machines with Microsoft System Center
HP eBook: Storage Networking , Part 1
Microsoft Article: Solving Data Center Complexity with Microsoft System Center Configuration Manager 2007
MORE WHITEPAPERS, EBOOKS, AND ARTICLES
Webcasts
Intel Video: Are Multi-core Processors Here to Stay?
On-Demand Webcast: Five Virtualization Trends to Watch
HP Video: Page Cost Calculator
Intel Video: APIs for Parallel Programming
HP Webcast: Storage Is Changing Fast - Be Ready or Be Left Behind
Microsoft Silverlight Video: Creating Fading Controls with Expression Design and Expression Blend 2
MORE WEBCASTS, PODCASTS, AND VIDEOS
Downloads and eKits
Sun Download: Solaris 8 Migration Assistant
Sybase Download: SQL Anywhere Developer Edition
Red Gate Download: SQL Backup Pro and free DBA Best Practices eBook
 Red Gate Download: SQL Compare Pro 6
Iron Speed Designer Application Generator
MORE DOWNLOADS, EKITS, AND FREE TRIALS
Tutorials and Demos
How-to-Article: Preparing for Hyper-Threading Technology and Dual Core Technology
eTouch PDF: Conquering the Tyranny of E-Mail and Word Processors
IBM Article: Collaborating in the High-Performance Workplace
HP Demo: StorageWorks EVA4400
 Intel Featured Algorhythm: Intel Threading Building Blocks--The Pipeline Class
Microsoft How-to Article: Get Going with Silverlight and Windows Live
MORE TUTORIALS, DEMOS AND STEP-BY-STEP GUIDES