The Insecurity of Chocolate

A report released Wednesday by Infosecurity Europe revealed that not only is chocolate good bait for getting someone's password, so is an attractive appearance.

576 office workers in total were polled by the fake researchers in a bid to raise awareness about information security.  Infosecurity Europe hired attractive “researchers” to hand out surveys at the train station.  Those that completed the survey received a chocolate candy bar.  Seems like a decent deal to me!

The same group performed a similar survey in previous years and the results seem to be improving.  Back in 2007, 64% of those polled gave up their passwords but only 21% this year did so.  However 61% still gave up their dates of birth and over half of those questioned admitted that they use the same password for all their accounts.  Perhaps even more disturbing is that more than half of the workers said they knew of their colleagues’ passwords and that more than one-third knew of or knew how to obtain their CEO’s password.

Infosecurity Europe is actually an event, held during the aforementioned Information Security Awareness Week. This year it runs from 4/22 to 4/24 at the Grand Hall, Olympia, London.

Oh, and stay away from that chocolate.