Many of today’s computer users are forced to use so-called ‘strong’ passwords containing a mixture of upper and lower case characters in combination with numerals and punctuation marks. It is argued that such passwords provide a more secure and robust IT environment. But Dr Richard Atkinson of Loughborough University’s Computer Science Department has revealed that the reason for this initiative is not security but to address the shocking level of bad language in old passwords. Typical examples he found during his research included ‘workiswank’ and ‘letmeinyoubastard’.
“Office passwords are actually pretty much unnecessary, given how little of value is protected by them,” explained Dr Atkinson. “But our studies show that many users got inspiration for their passwords from swearing about their workplace environment. It was actually quite appalling how many ‘fuckwits’ and ‘dickheads’ there were in IT.”
It is believed that the initial move towards strong passwords followed an unfortunate incident at a large insurance company in Basingstoke. There was a need to access data held on a sick employee’s computer so the HR Director called him at home to ask for his password. On his return to work, the employee faced disciplinary action and was forced to change his password from ‘ihatethisfuckingjob’.
Dr Atkinson argues that strong passwords could actually compromise security, due to the need to write them down. “Look in the top drawer of a desk in any office nowadays and the chances are that you’ll find a piece of paper with something like ‘F4dy7z#7S’ written on it. In the past, staff could easily remember ‘bollockstothis’ or ‘mybossisatwat’” he said.
It would seem that Dr Atkinson has a point. Statistics show that the amount of cyber-crime has not been reduced since the introduction of strong passwords. It appears that access to your data is just as secure with a password of ‘idontgiveashit’ as it would be if you changed it to ‘Id0nt91vea$h!t’.
