|
First-of-its-kind study offers insight to password protection |
|
|
|
Tuesday, 06 February 2007 |
by LINDSAY TIGAR
Intern Lifestyles Reporter
It is usually eight to 12 characters long, easy to remember and holds the key to everything that needs to be kept secret.
“Passwords are the gateway to our worlds,” Dr. Joseph Cazier, computer information systems assistant professor, said. “When you give out your password, you are giving them the keys to your car, to your house, to your life.”
Cazier, along with computer information systems graduate Christopher M.
Botelho, conducted a study last semester regarding password security
through the Office of Student Research.
Botelho and Cazier traveled to downtown Charlotte, a hospital within the region and other places to set up a survey booth.
Participants within the survey were asked to fill out a variety of
questions about themselves, including general demographics, favorite
sports team, children’s names and information about their experience
with passwords and security training.
The survey was completely safe, participants were told what the survey
was for, where the survey conductors were from, and that they were
conducting a research study, Cazier said.
“We wanted to find out how people reacted to a complete stranger asking for their password,” Cazier said.
In fact, the last question on the survey was, “In order to facilitate
creation of solid data, we would appreciate if you would provide one of
your passwords. This information will be held in the strictest of
confidence and will be used only to generate a number that describes
the characteristics of your password and then destroyed.”
Over 50 percent of those surveyed in Charlotte willingly gave their
password to Cazier and Botelho. At the hospital, the percentage was
even higher.
“We chose to go to Charlotte because it’s a huge financial center where
people are trained in banking and security,” Cazier said. “People that
had traditional security training within the last six months had more
secure passwords but what was a surprise was that they were equally as
likely to give their passwords as those who didn’t.”
Appalachian students who will join the work force in the next few years
may be trained in password security. Employees who reveal their
password can damage an entire company.
“Students need to understand the risks and consequence of not being
secure,” Cazier said. “In any job, where it be a financial institution
or another professional organization, you could lose your job from it.”
A similar study was conducted with Appalachian students, and 85 percent of students gave their password away.
“Students are more trusting,” Botelho said. “College is in the
in-between from living with your parents and being in the real world.
You want to trust your professors or anyone else who may ask for your
password, but you don’t realize what you’re doing if you do.”
Students and adults are not only at risk if they willingly tell others their passwords, but if they have
passwords that are not secure.
“If you get to know someone fairly well, there is significant chance you can guess their password,” Cazier said.
Not having a secure password can lead to a higher risk of identity theft from hackers.
Eweek Magazine published an article in September 2006 about the lucrative business of computer hacking.
According to the magazine’s research, a hacker can make up to $430 in a
single day from hacking passwords and stealing identities.
College students tend to be better targets for identity theft or, as www.bankrate.com calls it, “an identity thief’s dream.”
Some professors may post their students’ grades by their social
security number and that, along with an insecure password, may lead to
identity theft.
Appalachian State’s Computer Systems Security Policy advises students
to create a password that is at least six characters long and has a
combination of numbers and symbols as well as have nothing to do with
distinguishable features about the individual such as a birthdays or
names.
Trackback(0)
 |
Lifestyles 
TrackBack URI for this entry
Show/Hide comments
