RSA highlights password concerns

Multiple passwords a security risk, survey reveals

  • E-Mail
By  Published  December 8, 2006

The burden of multiple passwords continues to pose a significant IT security risk and encourages end-user behaviour that endangers compliance initiatives, according to the results of a new password management survey by RSA, which took place during Gitex last month.

“Password management continues to cause headaches and frustration for both those overseeing corporate password management and end-users accessing a growing number of applications daily,” commented Kieran Hernon, RSA’s country manager for the UAE.

“The unfortunate result of inefficient and cumbersome password management can be a security breach,” he added.

“Perpetrators of both internal and external attacks will look for the easy way in, and obtaining passwords — either through theft or social engineering techniques — could be the first place they’ll start. Password management technology, combined with strong authentication and continuous end-user education will help to alleviate this risk.”

RSA’s survey polled a cross-section of business visitors to the Gitex trade show in Dubai last month. Over half, 53%, of these respondents claimed their company’s desire to avoid end-user frustration actually prevents their organisation from enforcing frequent password changes and/or strong password policies.

Meanwhile 32% claimed that they are extremely concerned about the imput of passwords, with 24% finding the issue “moderately concerning.” And 13% of those questioned said they knew of a corporate security breach that had occurred due to a compromised password.

As part of its survey, RSA asked respondents whether it would be helpful to have a ‘master password’, that would replace all other passwords at work. While 56% replied that this would be “extremely helpful”, 81% of respondents said that it would also be “extremely important” to then provide an added layer of protection for such master passwords.

Most of the Gitex visitors surveyed said they viewed password management as fundamental to compliance — 40% rated password management as extremely important to achieving compliance while a further 30% felt it was moderately important.

The survey also showed that end-users are overwhelmed by the number of passwords necessary to access business applications, websites and portals and that this has resulted in risky behaviour on the part of some users.

Add a Comment

Your display name This field is mandatory

Your e-mail address This field is mandatory (Your e-mail address won't be published)

Security code