Would you sell your password for $150?

No. At least I hope you wouldn’t sell the password to your bank account for $150.

A recent survey from SailPoint, however, found that one in seven users would be willing to sell the password they use at work to the highest bidder–some for as little as $150. Many users are cavalier or oblivious when it comes to protecting passwords even when the password is literally the only thing protecting their accounts and identities.

I wrote a post about the password survey and poor password security practices:

Corporate passwords for sale, $150 OBO. That, apparently, is how little some employees may take in exchange for compromising their company’s security.

SailPoint’s Market Pulse Survey, compiled from responses from 1,000 workers from large companies with at least 3,000 employees, offers vivid examples of how easily one person can create a lot of risk—and why passwords alone are simply inadequate.

Here are some highlights:

• 1 in 7 employees would sell a corporate password for as little as $150.
• 56 percent of those surveyed admit to reusing passwords across corporate applications they access.
• 14 percent of those surveyed claim to use the same password for every application.
• One in five of the survey participants routinely share login credentials with other members of their team.

The reuse of passwords is particularly alarming. “Employees may have moved away from the post-it note password list, but using the same password across personal and work applications exposes the company,” said Kevin Cunningham, president and founder of SailPoint, in a statement.

Sharing passwords with other coworkers is probably seen as a friendly or expedient thing to do. Unfortunately, it makes it much more difficult to contain or enforce password security, or to trace the source of a breach or compromise.

Lax at work, worried at home
While many of the employees surveyed apparently were lax about corporate security, they were cautious about their personal online security. Twenty percent of those surveyed said they’d been the victim of a data breach. Ironically, the same proportion (20 percent) said they’d stop doing business with a company that put their data at risk—like maybe their company?—and fully half said they’d tell their friends and family to do the same.

You can read the complete post at PCWorld: Selling passwords for $150, and other dumb ways users threaten corporate security.

• About
• Latest Posts

Tony Bradley

Editor-in-Chief at TechSpective

I have a passion for technology and gadgets--with a focus on Microsoft and security--and a desire to help others understand how technology can affect or improve their lives. I also love spending time with my wife, 7 kids, 4 dogs, 7 cats, a pot-bellied pig, and sulcata tortoise, and I like to think I enjoy reading and golf even though I never find time for either. You can contact me directly at tony@xpective.net. For more from me, you can follow me on Twitter, Facebook, Instagram and LinkedIn.

Latest posts by Tony Bradley (see all)

• Unpacking the Marketing Challenges of Small Businesses in 2024 - April 23, 2024
• Navigating the Rising Tide of Phishing and BEC Threats - April 23, 2024
• Streamline Security with AI and Dynamic Detection Analysis - April 22, 2024