Why passwords are a terrible method of authentication
RayaHristova, Getty Images/iStockphotoWhy passwords are a terrible method of authentication Watch Now It's something most of us access daily, and something that can cause great frustration: passwords. We have too many passwords, and are frequently fe

Why passwords are a terrible method of authentication Watch Now

It's something most of us access daily, and something that can cause great frustration: passwords. We have too many passwords, and are frequently felled trying to remember which password was used for which device/website/app. Frances Zelazny, Vice President at BioCatch, spoke with TechRepublic's Dan Patterson about the problems with passwords. The following is an edited transcript of the interview.

Dan Patterson: Frances Zelazny, you are the Vice President at Biocatch. Let's talk about passwords and security. Why are passwords a terrible form authenticating my identity and my actions within a session?

Frances Zelazny: Well, simply put, most passwords can be hacked within about 13 seconds, I guess, or less. Because we don't really make many uses of all the permutations that we can. And so most people have a portion of their name or four digit numbers that are very easy to guess. And a lot of people still, even with all the threats that we hear about, will put their password under a sticky note, you know, under their keyboard or on the side, making it even that much more easy to steal and borrow.

SEE: Network security policy (Tech Pro Research)

Dan Patterson: So what if I have a virtual sticky note? By that I mean a password manager like Last Pass, One Password, Dashlane. Are those passwords just as vulnerable?

Frances Zelazny: Well, essentially those are just storing the credentials that are, again, easy to guess. You'd be surprised how many people use 1,2,3,4 as their passwords or the default admin password that a lot of passwords are just Password. And so it doesn't take that much to guess what those are. And also in an age of hacks and breaches, when you get into people's records, their passwords are there in plain sight to be used.

Also see

Special report: Cybersecurity in an IoT and mobile world (free PDF) (TechRepublic) Orbitz says hacker stole two years' worth of customer data (ZDNet) Dark Web: The smart person's guide (TechRepublic) Yahoo users can sue over data breaches, judge rules (ZDNet) 5 ways to build your company's defense against a data breach before it happens (TechRepublic)
...

This article is republished from www.techrepublic.com under a Creative Commons license.

RELATED POST