Complex Passwords May Not Be As Secure As Simple Ones

By   ISBuzz Team
Writer , Information Security Buzz | Aug 18, 2016 02:30 am PST

Following CyLab’s research into passwords, customer identity management firm Gigya commented below. Gigya works with brands such as Rolex, Coca-Cola and Red Bull to help them create mutually beneficial relationships with their customers.

Richard Lack, Director of Sales EMEA at Gigya:

Richard Lack“The news of CyLab’s research into passwords demonstrates the need for security awareness when it comes to authentication. In fact, 26 per cent of consumers tell us that they have had an online account compromised in the past 12 months, yet 56 per cent use passwords that they know are not secure, such as those that include their names or birthdates.

At a time when the number of devices we own is rising sharply, the future lies in methods of authentication without passwords, which consumers clearly favour, both in terms of convenience and enhanced security. Our survey found that 52 per cent of consumers would choose anything but a traditional username and password account registration when given the option.

Currently biometric identification is seen as the higher standard for verifying identity. Not only is it not prone to forgetfulness like the password; it is also more secure. What’s more, 80 per cent of consumers believe biometric authentication is more secure than traditional usernames and passwords.

Nevertheless, all forms of biometric security have their weaknesses. Iris scanning which was recently announced on Samsung’s new devices can be fooled by simply holding up a photograph of the user, which is why Samsung asks its users to blink. Fingerprint verification has been hacked using simple Play-Doh and there are numerous accounts of phones being unlocked while their owners are either asleep or incapacitated due to alcohol.

Over the next few years we can expect to see this technology creep into all handsets, laptops, PC’s and even vehicles, and while biometrics can offer a powerful form of authentication, it is essential that people understand the importance of protecting their biometric credentials. It’s easy to change your password, but impossible to change your fingerprints.”

Recent Posts