Symantec Password Survey

Symantec published the results of a survey regarding password habits of people who read their Security Response Weblog. Nearly 450 readers responded. As you readers of a security blog, their responses probably are far from the norm.
Not surprisingly, the respondents have a lot of passwords. 66 percent report having more than 10 passwords. Its hard to keep track of that many passwords. This leads people to do dumb things.
23 percent of respondent let the browser keep track of their passwords. While Firefox can use a master password to secure these stored passwords, I suspect most people dont use that feature. Browser password caches are merely obfuscated and are not a secure place for your passwords.
7% have a note near their computer. This is ok if your office is secured from outside visitors. But even the home office of a hermit occasionally has workman visiting.
11% use a Word document on the computer. Word or Excel documents can be lost if the computer isn’t backed up. It is also not a secure way to store the passwords. If you’re putting all your financial passwords in one place, wouldn’t it be a good idea to secure them. Perhaps they are in Word and password protected. But that wasn’t specified in the survey.
59% rely on memory. Passwords for work should never be in memory only. If you are hit by the proverbial truck how much productivity will be lost regaining access. For more personal accounts, memory indicates possible password reuse at worse or use of a password scheme at best.
33% use a password manager. That’s great but I found out in 2009 that you need to make sure your backups work if you’re relying on this method.
Check out the link for the rest of the results of this Symantec survey.