BALTIMORE -- SafeNet, Inc., setting the standard for information security, announced the results of its second annual global password survey.
Tony Caputo, SafeNet Chairman and CEO, said of the results, "This survey reinforces what we hear from customers about their information security concerns - that passwords alone do not provide sufficient security. That's why our USB token, smart card and other authentication products and solutions are in such demand."
"Whether employees are writing their passwords down, or frequently calling the internal help desk because they can't remember them, the organization can be at risk while experiencing loss of productivity. Technology today has solutions that are appropriate and affordable for every situation."
High Level Results:
-- Fifty percent of employees still write their passwords down
-- Over one-third of the respondents share their passwords
-- More than 80 percent have three or more passwords
-- Respondents use these passwords to access an increased number of applications: 67 percent access 5 or more; and another 31 percent access 9 or more
-- Forty-seven percent require their passwords reset at least once a year
The following is an analysis of 2004 results over 2003, with further breakout by geography.
Organizations' Security Policy
Of all surveyed, sixty-eight percent of organizations have enhanced their security policies by either requiring longer or more complicated passwords over a year ago. Companies requiring password changes three to four times a year increased by one percent, from 22 percent to 23 percent; from five to six times a year also increased by one percent, from 14 percent to 15 percent; while password changes seven or more times a year grew by three percent, from 27 percent to 30 percent. This indicates that a majority of organizations are more sensitive to security issues surrounding passwords.
Data specific to Europe reflects the same trends. France shows a four percent increase of employees required to change passwords five to six times a year, and a three percent decrease in employees who say they never have to change passwords. Germany has the largest change where five percent of employees must change passwords seven or more times, and also have three percent fewer employees never having to change a password. In the UK, there is a three percent increase changing passwords three to four times, a two percent increase with changes seven times or more, and a four- percent decrease of employees never having to change a password.
The survey also indicates a growing trend toward more complicated passwords. This is measured in two ways - either passwords with more characters, or passwords containing alphanumeric composition. Interestingly, there was a decrease of four percent where employees are required to create passwords with six or more characters, but a three percent increase in passwords of eight characters or more, from 19 percent to 22 percent. There was also a two percent increase, 27 percent to 29 percent, of companies requiring alphanumeric passwords.
France and Germany show a one percent increase in the need for alphanumeric passwords; and a higher increase in France, Germany and the UK all requiring passwords of eight or more characters, with France leading the way with a five percent increase, up to 26 percent.