bit

 
 
 For items published 2007 + please visit Monitor Online here To monitor Home page
University of Canberra home page

 
Monitor Archive Home
Vice Chancellor
Columns
Articles
Events calendar
Photo Album
Media Releases
Diversions
Classified Ads
Archives
About
Search Monitor Archive
To contact Monitor Online:
monitor@canberra.edu.au
Location: 1C73
Copyright © 2005 University of Canberra
Updated February 9, 2007

 

13 January 2006

Study reveals lack of email password security a potential risk for identity theft

One in two e-mail account users are not adopting correct password security and are potentially at risk of user identity theft, according to recent research undertaken by University of Canberra academic, Associate Professor John Campbell.

The study, a collaboration between Griffith University and the University of Canberra, involved a survey of around 900 first-year university students, and revealed a worrying lack of concern about password security.

Professor Campbell, who headed up the study, said that many people use passwords that are easy to guess, such as the name of a family member or pet.  

"Using meaningful data or combinations of words makes passwords easier to crack," Professor Campbell said.

The study also found that between half and two-thirds of respondents used the same or similar passwords for different email accounts. This creates a significant security risk as once a password has been cracked it is easy to guess other passwords that may be used for applications such as an online banking account.

While passwords that use a long mix of random characters are the most difficult to crack, Professor Campbell said the study found that only 11 percent of users chose this form of password. The most secure are those that appear to be composed of random characters. One recommendation Professor Campbell made was to use the 'pass phrase' approach to password generation where the first letters of a phrase are used; for example, "my dog's name is Jazz!" (MdNiJ!), or "You can't spend what you ain't got" (YcsWyaG).

In addition the study found that more than a third of respondents chose to give their passwords to someone else.

By not adopting secure management practices, the majority of users in turn expose organisations to higher levels of risk and potential breaches in security.

More than 80 percent of those surveyed used the computer mainly for the Internet, e-mail and home use; 47 to 50 percent for banking and work; and 15.2 percent for other areas of use, such as study and research, entertainment, and online purchasing and selling.

Professor Campbell conducted the research in collaboration with Dr Kay Bryant of Griffith University.

UC Communications

Gaye Morrison
T: 02 6201 5855
M: 0409 470 755

Kaddie Pass
T: 02 6201 2681

For further information about Monitor Online, contact the editor: monitor@canberra.edu.au

Copyright © 2005 University of Canberra

Last Updated on August 1, 2005