Another Study of Password Use
Over the years, there have been studies of passwords used that have told us over and over that we (the public) do not choose strong passwords. The latest confirms this – again.
This study, however, was a little different than most that have gone before. Instead of using surveys to ask about password information, they actually had a list of 32,000,000 passwords that were posted because of a security breach. Using the list of passwords, Imperva did some analysis and guess what? They came up with the same problems we’d seen in earlier studies:
- Passwords were too short
- Used just alpha-numeric characters
- Used identifiable names or dictionary words or slang
So, for years we’ve been touting the use of stronger passwords, but have people actually taken notice? Doesn’t look like it. “You can lead a horse to water . . . ” So, what is to be done?
It’s time for a different security mechanism – we can’t change human nature. What’s coming? There are many techniques being researched. Just a few:
- One-time passwords
- Security tokens
- Single sign-on
- Graphical passwords
- 2D Key
- Cognitive passwords