“Passwords are the most irritating thing since the invention of the PC.” This is a common response when you ask average computer users what they hate most about their daily job. A second round of questions unveils that it’s the need to change passwords frequently and to remember un-remember-able strings of characters and numbers. And when the password is finally remembered, it’s time to change it again. What puzzles me even more is that passwords are one of the easiest credential mechanisms to break. And with cyber fraud being the currently undisputed leader by amount of money lost compared with any other illegal activity, you would think someone would have come up with a better way to validate that users are who they say they are, without irritating the users.
Although this is nothing new, it’s interesting to see that the statistics on weak passwords are no different than they were years ago: http://www.worldstart.com/tips/tips.php/5377. The case that passwords are not the way to go as a credential mechanism is magnified at http://www.skullsecurity.org/wiki/index.php/Passwords. This site (one of many like it) assists with tools and hints on how to crack passwords.
So why are over 90% of US enterprises still relying only on passwords to protect their digital resources?