FB pixel

Consign World Password Day to depths of history, says security firm

Categories Access Control  |  Biometrics News
 

The first Thursday of May is annually designated World Password Day. The day was created by Intel to promote better password habits and create awareness for the need for good password security.

One expert however is using this year’s World Password Day to emphasize the need to move beyond passwords and adopt multi-factor authentication, where a user is asked to provide an additional method to prove their identity.

Allen Storey, Chief Product Officer at Intercede said in a statement: “Bill Gates famously predicted the demise of the password back in 2004. However, fast forward 14 years and it’s arguably still alive and well; here we are celebrating another World Password Day. Whilst the day serves to raise awareness for the importance of strong passwords and best practice for online security, its effectiveness is questionable. Passwords remain the main culprit for the majority of the large-scale cyber breaches we’ve seen in recent years. Despite this, year after year we see an influx of reports on the ‘most common passwords’ being as easy as ABC or 123. The reality is this authentication method is inherently insecure and easy to hack for even the most amateur of cybercriminals. Yet we continue to use them to secure our most private information.”

“However, we can’t just blame consumers. Research we conducted found that 86 percent of systems administrators within major UK enterprises — those people that hold the keys to ‘access all areas’ — are using basic username and password authentication to protect sensitive data (20% don’t even bother with a complex password). What’s more, half of the companies in question admitted that business user accounts in their organisation were ‘not very secure.’ This screams irresponsibility, especially as GDPR [General Data Protection Regulation] looms on the horizon. If businesses can’t be trusted to properly secure access to critical information, how can consumers trust those businesses with their personal data?”

“If anything, World Password Day highlights that we’re still not taking security seriously enough. More robust, readily available alternatives are still being overlooked. The right security methods are out there and incorporate two of three distinct elements – possession (something you have, such as a smart card or smartphone), knowledge (something you know, such as a PIN) and inherence (something you are, such as a fingerprint or face ID). These multiple levels of authentication make it much more difficult for cybercriminals to compromise – all it takes is a willingness from companies to implement. With this in mind, it’s time we stopped scratching our heads trying to recall a ‘memorable place’ or our ‘first pet’s name.’ Like passwords, World Password Day should be consigned to the depths of history.”

Storey works for Intercede, a cybersecurity company specializing in digital identities, derived credentials and access control, enabling digital trust in a mobile world.

Article Topics

 |   |   | 

Latest Biometrics News

 

Yoti trumpets NIST age estimation results and testing plans

A new facial age estimation algorithm submitted by Yoti to the U.S. National Institute of Standards and Technology has placed…

 

Indonesia tests new digital ID system, calls on ASEAN to speed up DEFA negotiations

Indonesia is rolling out the limited release of its new digital government platform INA Digital. In this first phase, INA…

 

Colorado legislators wrangle laws on facial recognition in schools, data protection

Regulatory winds are blowing from both directions in Colorado, where a moratorium on AI facial recognition cameras in schools is…

 

Ethiopia kicks off digital ID enrolment drive in Addis Ababa

A month-long digital ID enrollment campaign gets underway in the Ethiopian capital, Addis Ababa, today October 10 in a move…

 

mDL authentication and biometrics among new modules from Veridocs

Kentucky-based authentication and identity management software maker Veridocs has launched modules for mobile driver’s license authentication, biometrics, mobile device verification…

 

Moldova works on aligning digital ID regulation with eIDAS 2.0

Moldova is working on aligning its digital ID regulation with the European Union and its Digital Identity (EUDI) Wallet. The…

Comments

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Most Read This Week

Featured Company

Biometrics Insight, Opinion

Digital ID In-Depth

Biometrics White Papers

Biometrics Events