Amnesty for passwords
SESadmin 09/12/2014
The password, once highly acclaimed as a security precaution, can no longer provide what it once promised. As technology constantly evolves, cyber-criminals also refine their tactics. Simple password protection is facing increasingly sophisticated threats, and can be rapidly bypassed, especially if users continue to use simple passwords in order to make them easy to remember.
Users often have trouble with basic password-protected access, for example because they can no longer remember the relevant password or even the email address that was registered. It is therefore not possible to send a new password, which results in “non-active members”. Or users simply have too many passwords to remember, which leads to the next danger: the use of passwords that are too simple. As highlighted in various studies, users often use “password”, “123456” or other such sequences of characters that are easy to crack.
Hacked in less than ten seconds
Brute-force attacks can, for example, crack a 6-digit password in about seven seconds. Many users also make the cyber-gangsters’ work even easier as they use the same password for multiple accounts, or never change it. But there is an easy way to make user access more secure without needing to banish the password completely.
Double protection without the need for a token
The use of a combination of factors enables more secure user identification, as is the case with two-factor authentication. This permits access only after the entry of a combination of two factors. In the case of the authentication technology provided by SecurEnvoy, the first factor is something that the user knows (e.g. username and password for access to the company’s computer) and the second factor is something that the user possesses. The SecurEnvoy solutions are especially convenient as they use a tokenless approach, i.e. mobile phones are used for this second factor rather than dedicated tokens. The user receives a passcode via SMS, email, soft token app or in the form of a QR code, and this can then be entered together with the user’s login details to prove the user’s identity. Network access is thus afforded a dual layer of protection.