The computer buffs behind PC magazine were left reeling after they sent a female reporter out on the town to pose as a representative for an anti-virus company examining computer users' password habits.
Anybody agreeing to answer a few questions was promised a bar of chocolate in return. And despite repeated calls from security experts for internet surfers to keep a tight lid on passwords, the sugary reward proved a distressingly successful lure.
Of the 34 people who agreed to stop and chat, divided equally between men and women, 23 revealed a selection of their passwords to the reporter, in some cases for pay sites but also for social media sites such as Facebook.
In a considerably more scientific study, the magazine also asked 5,000 computer users to assess their password management skills.
A majority of respondents reported using more than five passwords, a fact that sometimes led to problems. Only 30 percent said they never forgot a password. Three out of four said they use the same password in several different places, while two thirds admitted neglecting to change their passwords at least once a year.