Multiple passwords creating insecurity

Employee confusion leaves networks vulnerable

Users burdened with too many passwords

Users are being burdened with too many passwords, and their confusion could undermine IT security, research shows.

A survey by RSA Security shows many enterprise IT users have at least 13 passwords to remember, the result of having to access a growing variety of systems.

The survey of 1,700 ordinary IT users claims that nine out of 10 have grown frustrated with this situation and are getting around it with poor password practice that diminishes IT security, say Victor DeMarines and Sheila Doherty, the survey's creators.

'Often employees of companies will write passwords down and stick them to the sides of screens, or put them in insecure places like their PDA or personal organiser that are vulnerable to spyware and malware,' DeMarines said.

Asked what solution to these problems they would favour, 98 per cent of the ordinary users questioned agreed that they would like to have a master password, or single sign-on system. However, they also acknowledged the vulnerabilities this might cause.

'It was interesting to see that 55 per cent of those users surveyed recognise the security risk grows with master passwords, which indicates that people have become very aware of identity theft issues and the damage they can cause,' DeMarines observed.