The Intern’s Security Practices Part 1: Passwords

Tell the world!

Being the newest addition to the Defence
Intelligence team and having recently been introduced to the world of security,
I’ve been learning some best practices and adjusting my Internet usage habits.
Over the past few weeks I’ve learned that some of my habits, especially when it
comes to passwords, could use some improvement.
We decided to survey a class of first year
public relations students at Algonquin College, in Ottawa, to see how my
practices compared to theirs. The majority of the class is female with an
average age of 21.
We found that 90 per cent of the students
use the same password for multiple accounts. Personally I use different types
of passwords for different types of accounts. I use the same passwords for
social media accounts, another password for my e-mail, and a separate one for
my online banking. I find it difficult to use a different password for
everything because I use a lot of social media sites.
“It’s interesting that this generation has
been called digital natives yet their security practices are very poor. By
using the same password on multiple accounts they are trading their personal
information and security for convenience,” says Keith Murphy the CEO of Defence

Fifteen per cent of the students said they
change their passwords frequently. For the next survey we will need to define
how often ‘frequently’ is. I only change my passwords if the site prompts me to
or I need to reset my password because I forgot it. I was surprised that 77 per
cent of the students use passwords that have more than eight characters. I tend
to use the minimal allowable amount of characters when I create passwords. I
think that the school’s password standard is seven characters, which could be
why some students are using longer passwords.
With only 45 per cent recording their
passwords in a safe place I’m not surprised that their passwords are changed
often. I’ve trouble finding a place to store passwords. When I discussed this
with Murphy, he said that the best practices were to use encrypted storage or
to write them down. He also recommended to avoid saving passwords in the
browser and on your computer.  The
following article from lifehacker
is very helpful outlining some common mistakes and best practices.  You can also see our tips here.
The following chart shows the type of
characters the students are using to create their passwords:
I’m not surprised that the majority of the
students use upper and lowercases, those are fairly common. What surprises me
is that there is a significant drop when it comes to the use of numbers,
special characters, and punctuation. I didn’t start using special characters
and numbers until Google, Apple, and other sites started showing you the
strength of your password.
In the next blog post we will discuss the
survey results concerning the use of links and security software. 

By Sarah Raphael

Enhanced by Zemanta

Tell the world!

Leave a Reply

Your email address will not be published. Required fields are marked *