There's a security show running in London right now called Infosecurity Europe 2003. As a promotional tease, the organizers of the event arranged a frightening little survey. They went to London's Waterloo (train) Station and looked for people in business dress with briefcases and other trappings of business and asked them for their computer passwords from work.
75% (gasp!) of respondents gave the password without any further prompting. 15% more were tricked into providing it through a simple course of social engineering, the kind you might do to anyone in a business into which you want to hack. For instance, some people were asked how they chose their password. A self-identified CEO said that he used his daughter's name, and then gave his daughter's name when
asked. Amazing.
Read more
75% (gasp!) of respondents gave the password without any further prompting. 15% more were tricked into providing it through a simple course of social engineering, the kind you might do to anyone in a business into which you want to hack. For instance, some people were asked how they chose their password. A self-identified CEO said that he used his daughter's name, and then gave his daughter's name when
asked. Amazing.
Read more