I work in IT for an international Fortune 500 company. Our passwords for users and admin are ridiculously simple. *0% of user passwords are either their name, their kid's names or the company name with two digits. I cracked a random sample of passwords (*00) in just under * hours. *8% percent of those cracks were done using a dictionary attack. Remember this is a HUGE company.

Can someone tell me or estimate the odds that an outsider would try to hack us? I know a difficult question to answer, but as a newbie I'm relying on your experience and knowledge. My IT job kinda sucks and I would like to put a proposal together to improve corp security and create a new job for myself.

Our company has firewalls, a DMZ and passwords for everything. However we have no dedicated pen test staff, no pass auditing and I really doubt anyone checks the logs....

I would especially like to hear from you Mike*0* on this matter....thanks guys.