Passwords: The Weakest Link

By Nick Savvides, Business Manager, Information Protection, Symantec

Passwords; most of us depend on them to protect our information and more importantly, our online identities. But passwords may be the largest security liability of the internet. They put consumers, corporations and the wider online world at significant risk due to numerous weaknesses:

  1. People. Most organisations allow users to create their own passwords and people tend to choose memorable passwords rather than secure passwords. 91 percent of all passwords used are found in the top 1000 most used passwords and more than 10 percent of PINs picked at random will be 1234.
  2. Passwords are easily lost or stolen. Many people reuse the same password on multiple sites for convenience – creating a massive exposure for an individual’s entire online identity. Once a hacker has the password to one account, they can unlock a huge quantity of personal, financial and corporate information.
  3. Recovery is flawed. If a user loses or forgets a password, the usual recovery method involves questions only they should know the answer to. Unfortunately the answers to these questions can often be found elsewhere online or can be stolen by hackers using social engineering methods.

Today’s IT departments are faced with the challenge of supporting the explosion of cloud-based apps and always connected devices, where many times the only thing between company data in the cloud and an attacker, is a password – and passwords alone are vulnerable, costly and complex.

For some time the answer to address these traditional authentication weaknesses appeared to be biometrics. But using biometrics for online security has rarely been seen outside Hollywood movies and consumers have been put off by high error rates and privacy concerns, while organisations find server-side biometric templates too risky to hold and as such, are prized targets for cybercriminals.

However the tipping point for biometric security is approaching and the technology is maturing. Over the next two years biometric security is predicted to meet end-user and organisational demands for both convenience and security and due to developments in the biometric security landscape, such as the rise of the smartphone, we can now combine multiple authentication factors in the security software space that are easy-to-use, but do not require the use of passwords.

Eliminating passwords improves the security and convenience of two-factor authentication and allows organisations to confidently embrace cloud and mobile with secure access from any device.

To hear more from Symantec, register to attend Data#3’s JuiceIT 2016.

Tags: JuiceIT 2016



Managed Services eBook
Your guide to Data#3 Managed Services

Digital disruption is causing significant changes in the workplace, leading to higher expectations for access, security, and support regardless of…

JuiceIT Guest Blog | How XDR can help when time is of the essence

The only thing worse than cyber threats is an inability to detect those threats in time. Organisations need the…

JuiceIT Guest Blog | Veeam Platform: Reliable and Fast Recovery from Ransomware in a Hybrid World.

Ransomware attacks have become a growing concern for organisations of all sizes in Australia and New Zealand, resulting in significant…

Customer Story: Pernod Ricard Winemakers

Azure Migration gives Pernod Ricard Greater Flexibility and Improved Performance Download Customer Story Contact a Specialist…

Why would you deploy SASE?
If Secure Access Software Edge (SASE) with Cisco Meraki is the destination, what does the journey to get there look like?

Firstly, let’s set the scene. The term SASE was first mentioned by Gartner Analysts in July 2019 and Gartner continues…

Data#3 named (HPE) Platinum Partner of the Year and Aruba GreenLake Partner of the Year
Data#3 enjoys double scoops at HPE/Aruba awards night

December 08, 2022; Brisbane, Australia: Leading Australian technology services and solutions provider, Data#3, is proud to announce that it has…

Azure BaaS
Protecting Data in a Cloud World: Will Backup as a Service be what Keeps Your Business Online Through a Crisis?

Very few organisations could run in a technology-free environment, so naturally, strong IT departments put considerable effort into business continuity…

Azure Site Recovery
Beyond Backup: The Role of Azure Site Recovery in Business Continuity

In the first of our Azure Backup blog series, we discussed the value of data, and the critical importance…