Too many passwords create frustration, security risks

Nearly a quarter of employees have to remember 15 or more passwords, according to a new survey.

A study of almost 1,700 U.S. Businesses found that 20 percent of workers had to over an hour to have their passwords reset by IT support.

Researchers at RSA Security, who commissioned the report, claimed the burgeoning number of passwords people have to remember is costing money because of all the money it costs to reset passwords and the resulting loss of productivity. It is also putting security at risk as people resort to various means to keep track of lists of passwords.

Among the main ways users attempted to remember passwords were; maintaining a spreadsheet or other document stored on the PC (25 percent), recording a list of passwords on a PDA or other handheld device (22 percent) and keeping a paper record of passwords in an office or workspace (15 percent).

"Compliance initiatives have led companies to enforce and strengthen password policies, which has resulted in additional burdens for the end user, such as requiring that employees change passwords more frequently, or use passwords that are very difficult to remember," said Andrew Braunberg, senior analyst at Current Analysis.

Braunberg added that password policies that are not user-friendly "spur risky behaviour that can undermine security."

"These policies also raise IT help desk costs as companies allocate more resources to password resets," said Braunberg.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.