1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Your users have porous passwords? Blame yourself, IT.

Discussion in 'CSO' started by RSS, Sep 27, 2016.

  1. RSS

    RSS New Member Member

    Maybe IT needs to tone down its security awareness efforts. New research by psychologists into password strength delivered the non-intuitive conclusion that users who are well briefed on the severity of security threats will not, as IT had hoped, create stronger passwords to better protect themselves.

    They actually tend to create much weaker passwords because the briefings make them feel helpless, as if any efforts to defend against these threats are pointless.

    The research, from a Montclair State University study — detailed here in a story from The Atlantic — suggests that IT staffers need to make sure that they emphasize how powerful a defense passwords, PINs and secure phrases can be in defending against threats, at least until we are able to deploy better authenticators.

    To read this article in full or to leave a comment, please click here

    Continue reading...

Share This Page