Out-Law / Your Daily Need-To-Know
Employees are suffering from password overload, leading them to use insecure means of password management, according to a US survey by online security solutions firm RSA Security Inc.
survey of almost 1,700 enterprise technology end-users found that 28% of respondents had to deal with more than 13 passwords at work, while 30% managed between six and 12 passwords.
Nine out 10 respondents reported feeling frustrated when trying to manage their passwords.
The situation has been made more difficult by firms trying to strengthen their password policies. According to Andrew Braunberg, senior analyst at Current Analysis, this has “resulted in additional burdens for the end user – such as requiring that employees change passwords more frequently, or leverage very difficult to remember passwords”.
"Paradoxically, password policies that are not user-friendly spur risky behaviour that can undermine security. These policies also raise IT help desk costs as companies allocate more resources to password resets," he warned.
According to the survey, 25% of respondents tried to cope with their multiple passwords by putting them on a spreadsheet or other document stored on the PC. Twenty-two percent of respondents recorded their passwords on a PDA or handheld device, while 15% kept a paper list somewhere at work.
Eighty-two percent of respondents used IT help desk staff when they forgot or lost their passwords, costing employers in both help desk and employee-waiting time.
