August 13, 2012 -
Hackers are now attacking cloud-based software and service providers. With many people turning into mobile devices and many more having multiple accounts, the use of cloud service providers have intensified and so hackers have found a new playground.
Hackers exploit social engineering techniques to compromise ID account and other linked social media accounts via weak password reset mechanisms at the cloud providers themselves. It is easy to guess password or reset it based on commonly used words or basic knowledge about an individual. As more people turn to cloud services, this sort of cybercrime will become common unless security measures are employed.
Dr. Markus Jakobsson, a security researcher and Principal Scientist of Consumer Security at PayPal notes that: “Biometrics combined with brute-force resistant and difficult to guess passwords, which are still easy to remember, are probably the best solution to secure one’s online identity.”
Jakobsson proposed a different type of biometrics, that he called “visual preferences” in a white paper. As the name implies, Jakobsson’s systems uses pictures that are remembered based on user preferences. In this way, it is easy for the user to remember visual cues, but difficult for hackers to ascertain what those visual cues are. Such a mechanism works because it determines an individual’s personal preferences, which like other biometrics modalities, is unique to an individual and thus difficult to crack.
Do you believe “visual preferences” is a quality security measure for cloud-based services?