updated 2/23/2012 9:53:45 AM ET

Employees in charge of sensitive personal information rarely take the basic precaution of changing their default password to something more difficult to guess, according to a new survey by the Russian security firm ElcomSoft.

Ironically, the same survey found that more than 75 percent of respondents said they would make their companies' password security policy stricter if given the opportunity.

Released yesterday (Feb. 22), ElcomSoft's study gathered answers from more than 460 respondents in the fields of computer law, education, finance, forensics, government, military and science. An undefined "other" made up about 45 percent of the survey pool.

Surprisingly, only 28 percent of respondents said they "always" changed their default passwords. The remaining respondents were split between 22 percent who said they "rarely" kept their default passwords, 25 percent who "sometimes" kept them and 25 percent who "very often" kept the passwords assigned to them.

Only about 25 percent said they regularly changed their passwords.

"The rest will either change their passwords infrequently (24 percent), sporadically or never," the report said. "This information should really raise an alert with IT security staff and call for a password security audit."

The researchers are right: Without a strong, difficult-to-guess password, your personal information, and any other digital data you don't want people to get their hands on, are at higher risk of being exposed. For those in charge of their employees' data, the risk grows exponentially — if your account is exploited and you're holding the key to everyone else's data, then everyone down the line is in trouble.

Weak passwords pose serious problems, especially for those guarding sensitive information. Thankfully, there are several ways to bolster your password strength and make sure the keys to your digital castle remain firmly in your possession.

Never re-use passwords across several online accounts. Make sure all of your passwords are at least eight characters long, use both upper- and lower-case letters and also contain numbers, punctuation marks and other special characters.

© 2012 SecurityNewsDaily. All rights reserved

