Hackers are increasingly resorting to social engineering techniques to obtain confidential passwords, as businesses become better at locking down and patching their computer networks.

And the bad news is that users are still very much the weak link when it comes to choosing and protecting their passwords, according to the results of a survey of IT security experts.

It found that 15 percent of those asked in an online questionnaire to give their network passwords in order to be entered into a prize draw happily clicked through to the page ready to divulge the information.

Paul Vlissidis, head of risk services at technology consultancy NCC Group, which carried out the survey, told silicon.com that the problem of staff -- and especially those in IT who should know better -- being lazy with passwords is leaving companies at risk.

[ Read more ]

Related items

• Article: How to Use Passwords Securely (22 April 2003)
• Article: Implementing Basic Security Measures (14 April 2003)
• Article: Cracking OpenVMS Passwords with John the Ripper (28 November 2002)
• Article: What makes a good Password? (13 November 2002)
• Article: A Note on Proactive Password Checking (24 September 2002)
• Article: Basic security with passwords (24 May 2002)
• Article: Passwords - The Weak Link (1 April 2002)