Psst, Here’s My Password

From Jon Udell in InfoWorld, a remarkable statistic claimed in an unnamed study:

A recent survey found that 75 percent of Dartmouth students have shared their network passwords…. “They like having someone who can check their e-mail for them or log them in to places where they’re supposed to be.”

At first I was skeptical of this factoid, but then I re-read, thinking about the “have shared” phrase. If you lower the hurdle to “have shared” from “share” then I suppose it is possible. After all, most people I know have shared a password with someone at some point. That is not the same thing as saying that they do it as a rule.

More broadly, I’d argue that isn’t such a bad thing. To the extent that security in next-generation identity management tools makes it impossible for me to have someone else act as me on an ad hoc basis then I’d say said security tools are broken. Now and then I want to be able to say, “Pssst, here’s my password!”