Security Market Segment LS
Wednesday, 03 August 2016 14:33

Passwords are so passé

By
Passwords are so passé

There is a major move to remove the average, highly insecure password and replace it with all manner of things – biometrics, voice authentication, two-factor (or more) authentications and so on. Why is the humble password so maligned?

 The fact is that we are largely incapable of selecting different passwords for each use, let alone making each a complex string of unmemorable letters, symbols, and numbers. Interestingly Barclays Bank UK has said that passwords are out, and voice recognition is in – at least it has over 100 characteristics that can be measured. Other banks like HSBC will be implementing touch ID and facial recognition.

Microsoft has also beefed up its Windows 10 security, in particular extending Windows Hello to both facial recognition and other biometrics like fingerprints.

iTWire sought comment from Centrify, a leading enterprise identity management company. Lachlan McKenzie, ANZ manager for Centrify, warned that many Australian and New Zealand companies risk their IT security by over-relying on passwords. The remainder of the commentary is paraphrased.

Centrify McKenzieThe most disturbing observation I have found in my first year at Centrify is the blind faith businesses place in passwords. The fact is that compromised credentials are the leading attack vector for data breaches globally.

One problem is that people are lazy at creating effective passwords. Because we’re expected to remember them, many people choose passwords that are easy to recall – to a ludicrous degree. Recent hacks reveal the most popular passwords include 123456, qwerty and, of course, password.

If you must use passwords use a reputable password manager like LastPass or KeePass. Passwords must be:

  • As long as possible – 10-15 characters
  • A mix of alpha, numeric, symbols and upper and lower case
  • Different – DO NOT USE the same or similar root section for multiple websites
  • Never written down or shared or stored in plain text – use a password vault

Passwords also fail due to poor security habits, such as password sharing. Although we’re all warned not to share our passwords with family members or colleagues, people continue to do it.

Passwords can easy be sold on the dark web as evidenced by the majority of breaches coming from stolen or purloined credentials.

The solution to this password problem is well known - use mature security standards such as SAML (Security Assertion Markup Language) and use multi-factor authentication but the challenge is to encourage businesses to make this sort of protection a priority.

Last month, Rémy Cointreau, one of the world’s leading alcoholic beverage brands, (ITWire article here) reported it is using the Centrify identity management and mobile management platform to support its 1800 employees globally, who access, on average, 20 different cloud- and web-based applications per day.

iTWire has a further article from Centrify’s US-based VP, David McNeely here who also warns that an over-dependence on passwords and a reliance on passwords that provide “as much protection as a piece of paper in a rainstorm” leaves many organisations vulnerable to cyber threats.

Read 4654 times

Please join our community here and become a VIP.

Subscribe to ITWIRE UPDATE Newsletter here
JOIN our iTWireTV our YouTube Community here
BACK TO LATEST NEWS here




Maximising Cloud Efficiency - LUMEN WEBINAR 23 April 2025

According to KPMG, companies typically spend 35% more on cloud than is required to deliver business objectives

The rush to the cloud has led to insufficient oversight, with many organisations struggling to balance the value of cloud agility and innovation against the need for guardrails to control costs.

Join us for an exclusive webinar on Cloud Optimisation.

In this event, the team from Lumen will explain how you can maximise cloud efficiency while reducing cost.

The session will reveal how to implement key steps for effective cloud optimisation.

Register for the event now!

REGISTER!

PROMOTE YOUR WEBINAR ON ITWIRE

It's all about Webinars.

Marketing budgets are now focused on Webinars combined with Lead Generation.

If you wish to promote a Webinar we recommend at least a 3 to 4 week campaign prior to your event.

The iTWire campaign will include extensive adverts on our News Site itwire.com and prominent Newsletter promotion https://itwire.com/itwire-update.html and Promotional News & Editorial. Plus a video interview of the key speaker on iTWire TV https://www.youtube.com/c/iTWireTV/videos which will be used in Promotional Posts on the iTWire Home Page.

Now we are coming out of Lockdown iTWire will be focussed to assisting with your webinars and campaigns and assistance via part payments and extended terms, a Webinar Business Booster Pack and other supportive programs. We can also create your adverts and written content plus coordinate your video interview.

We look forward to discussing your campaign goals with you. Please click the button below.

MORE INFO HERE!

BACK TO HOME PAGE
Published in Security
Tagged under
Ray Shaw

joomla stats

Ray Shaw ray@im.com.au  has a passion for IT ever since building his first computer in 1980. He is a qualified journalist, hosted a consumer IT based radio program on ABC radio for 10 years, has developed world leading software for the events industry and is smart enough to no longer own a retail computer store!

Latest from Ray Shaw

Related items

More in this category: « Agility can mean the four Fs Anatomy of a mugging – ransomware exposed »
Share News tips for the iTWire Journalists? Your tip will be anonymous
back to top

Subscribe to Newsletter

*  Enter the security code shown: img0

WEBINARS & EVENTS

CYBERSECURITY

PEOPLE MOVES

GUEST ARTICLES

Guest Opinion

ITWIRETV & INTERVIEWS

RESEARCH & CASE STUDIES

Channel News

Comments