Security Market Segment LS
Wednesday, 03 August 2016 14:33

Passwords are so passé

By

There is a major move to remove the average, highly insecure password and replace it with all manner of things – biometrics, voice authentication, two-factor (or more) authentications and so on. Why is the humble password so maligned?

 The fact is that we are largely incapable of selecting different passwords for each use, let alone making each a complex string of unmemorable letters, symbols, and numbers. Interestingly Barclays Bank UK has said that passwords are out, and voice recognition is in – at least it has over 100 characteristics that can be measured. Other banks like HSBC will be implementing touch ID and facial recognition.

Microsoft has also beefed up its Windows 10 security, in particular extending Windows Hello to both facial recognition and other biometrics like fingerprints.

iTWire sought comment from Centrify, a leading enterprise identity management company. Lachlan McKenzie, ANZ manager for Centrify, warned that many Australian and New Zealand companies risk their IT security by over-relying on passwords. The remainder of the commentary is paraphrased.

Centrify McKenzieThe most disturbing observation I have found in my first year at Centrify is the blind faith businesses place in passwords. The fact is that compromised credentials are the leading attack vector for data breaches globally.

One problem is that people are lazy at creating effective passwords. Because we’re expected to remember them, many people choose passwords that are easy to recall – to a ludicrous degree. Recent hacks reveal the most popular passwords include 123456, qwerty and, of course, password.

If you must use passwords use a reputable password manager like LastPass or KeePass. Passwords must be:

  • As long as possible – 10-15 characters
  • A mix of alpha, numeric, symbols and upper and lower case
  • Different – DO NOT USE the same or similar root section for multiple websites
  • Never written down or shared or stored in plain text – use a password vault

Passwords also fail due to poor security habits, such as password sharing. Although we’re all warned not to share our passwords with family members or colleagues, people continue to do it.

Passwords can easy be sold on the dark web as evidenced by the majority of breaches coming from stolen or purloined credentials.

The solution to this password problem is well known - use mature security standards such as SAML (Security Assertion Markup Language) and use multi-factor authentication but the challenge is to encourage businesses to make this sort of protection a priority.

Last month, Rémy Cointreau, one of the world’s leading alcoholic beverage brands, (ITWire article here) reported it is using the Centrify identity management and mobile management platform to support its 1800 employees globally, who access, on average, 20 different cloud- and web-based applications per day.

iTWire has a further article from Centrify’s US-based VP, David McNeely here who also warns that an over-dependence on passwords and a reliance on passwords that provide “as much protection as a piece of paper in a rainstorm” leaves many organisations vulnerable to cyber threats.


Subscribe to ITWIRE UPDATE Newsletter here

GRAND OPENING OF THE ITWIRE SHOP

The much awaited iTWire Shop is now open to our readers.

Visit the iTWire Shop, a leading destination for stylish accessories, gear & gadgets, lifestyle products and everyday portable office essentials, drones, zoom lenses for smartphones, software and online training.

PLUS Big Brands include: Apple, Lenovo, LG, Samsung, Sennheiser and many more.

Products available for any country.

We hope you enjoy and find value in the much anticipated iTWire Shop.

ENTER THE SHOP NOW!

INTRODUCING ITWIRE TV

iTWire TV offers a unique value to the Tech Sector by providing a range of video interviews, news, views and reviews, and also provides the opportunity for vendors to promote your company and your marketing messages.

We work with you to develop the message and conduct the interview or product review in a safe and collaborative way. Unlike other Tech YouTube channels, we create a story around your message and post that on the homepage of ITWire, linking to your message.

In addition, your interview post message can be displayed in up to 7 different post displays on our the iTWire.com site to drive traffic and readers to your video content and downloads. This can be a significant Lead Generation opportunity for your business.

We also provide 3 videos in one recording/sitting if you require so that you have a series of videos to promote to your customers. Your sales team can add your emails to sales collateral and to the footer of their sales and marketing emails.

See the latest in Tech News, Views, Interviews, Reviews, Product Promos and Events. Plus funny videos from our readers and customers.

SEE WHAT'S ON ITWIRE TV NOW!

BACK TO HOME PAGE
Ray Shaw

joomla stats

Ray Shaw ray@im.com.au  has a passion for IT ever since building his first computer in 1980. He is a qualified journalist, hosted a consumer IT based radio program on ABC radio for 10 years, has developed world leading software for the events industry and is smart enough to no longer own a retail computer store!

Share News tips for the iTWire Journalists? Your tip will be anonymous

WEBINARS ONLINE & ON-DEMAND

GUEST ARTICLES

VENDOR NEWS

Guest Opinion

Guest Reviews

Guest Research

Guest Research & Case Studies

Channel News

Comments