Continuity Security

Cyber security: Do you leave your keys in plain sight?


Sometimes when I visit banks I find myself looking at scribbled Post-it notes containing user name and password attached to PCs. I may also see a neatly typed record of the key code necessary to access a secure gate or door within easy sight of any external visitor.

Is this bad cyber security? Sure. And it’s something we learn at home.

We all lock our doors at night, but many of us leave the keys in the lock, or on the side close to the front door, where they’re easier for clever crooks to steal.

So why do we leave keys at risk? Psychologists would have us believe it is for two reasons: We believe that criminals target ‘someone else’; and it’s more convenient. Hiding keys somewhere away from the door they are intended to lock might make greater security sense, but it is inconvenient to have to retrieve them when you want to unlock the door.


Worse still, people leave the ’emergency spare’ key hidden under the front door mat, or under a plant pot outside the house. I mean, who would ever think of looking for it there?

Given the way we manage our keys, it’s not so surprising that many people leave their passcodes in plain sight at work. And our sloppy way of managing keys is only one example of where our habits betray us.

Statistically, most of us select passwords and secret numbers that are based upon numbers or characters of significance. Maybe it is part of a date of birth, or a house number where we have lived. Perhaps our passwords have something to do with our spouse, or our kids, or our car, or our pets, or our friends, or our interests, or a holiday we have been on.

Is this ringing any bells with you and the codes you use? If so, you are unwittingly allowing yourself to be more vulnerable.

Cyber criminals prey on our weakness. Having accessed an individual’s account or PC, they frequently enjoy data harvesting from often unprotected files entitled ‘My Passwords’ or by trawling the email database for helpful prompts sent by the user to themselves, entitled “user name” or “system access”.


Read entire post grey

Leave a comment

%d bloggers like this: