Many articles have been written recently suggesting better ways to construct and manage passwords. However, the greater the complexity and the more frequently the user changes the password, the more difficult it is to remember!
The answer is, of course, a combination of a strong password and something that changes regularly. We call it tokenless authentication: a static password that's 6-8 characters long combined with a passcode of 6 or more characters sent out of band to the mobile (or generated by an app on the phone or tablet), which together create an ‘OTP’ (one-time password). This process was invented over ten years ago by SecurEnvoy and has since been enhanced so that anyone can gain access from anywhere, from any device.
The leaks we have seen today:
1. One in five Microsoft logins are in hands of hackers
Checks on Microsoft Account logins have found that about 20 percent are on industry lists of compromised credentials, exposed via hacks on other service providers where passwords have been reused.
2. Formspring springs a leak: 28 MILLION passwords reset after raid
Social networking service Formspring has told its 28 million users to change their passwords following the discovery of a security breach. A sample of 420,000 password hashes for the question-and-answer website has been posted online, sparking concerns that the entire user base might have been exposed. In response, Formspring disabled users’ passwords and applied a reset as a precaution.
3. Will Tech Industry Ever Fix Passwords?
What LinkedIn and other recent breaches tell us about widespread security risks as we embrace social media and cloud applications in the enterprise.