Fewer people willing to swap passwords for chocolate!

The organisers of this year's Infosecurity Europe event, which takes place in London next week, said the results marked a significant improvement compared to their previous studies, and that it appeared concerns over information security were finally filtering through to workers.

However, closer analysis revealed that all was still far from being good! To begin with, the survey of 576 office workers found that women were still highly susceptible to be duped into giving away their passwords to total strangers.

Almost half (45%) of women compared to 10% of men gave away their password to strangers masquerading as market researchers, with the lure of a chocolate bar an incentive for filling in a fake questionnaire.

When asked for their date of birth, a "very naive" 61% of all those questioned gave up the information. The research also showed that over half of people used the same password for everything - such as at work, for banking, web access... etc.

Honest looking!

"Our researchers also asked for workers names and telephone numbers so they could be entered into a draw to go to Paris. With this incentive, 60% of men and 62% of women gave us their contact information," said Claire Sellick, event director for Infosecurity Europe.

Providing a combination of name, phone number and date of birth made people far more vulnerable to social engineering and identity theft, she claimed.

Workers were also questioned about their use of passwords at work, with half claiming to know their colleagues' passwords. When asked if they would give their password to someone who phoned and said they were from the IT department, 58% said they would.

Most people used only one (31%), two (31%) or three (16%) passwords at work, but a few used as many as 32! It was also found that 43% of people rarely or never changed their passwords - described as "very poor security practice".

Claire Sellick said that when one man was told the true purpose of the study he said the researchers looked "so well dressed and honest" that he didn't think they could possibly be criminals - a sentiment echoed by many others taking part!

Do you know what makes a "good" password? We asked an expert last year - read what he told us for our special report 'Why my password's better than Y0ur P@$$word'.