Security professionals are known to be the enterprise advocates of not only using strong passwords but also changing them frequently – but they may not be taking their advice.
A recent study of close to 300 security professionals conducted at the RSA Conference in San Francisco in February found that 33 percent of respondents haven’t changed their social network passwords in more than a year.
Carried out by security firm Thycotic, the survey also discovered that 20 percent of respondents have never changed their passwords, and close to 30 percent opted to use personal information such as addresses, birthdays and their children’s names as passwords.
While IT security professionals are known to promote complex and frequently updated passwords, according to the results of the survey they may not be practicing what they’re preaching.