Security of data is the big thing these days. From small to big organisations, clients are now more concerned about their vulnerability than ever before. Two-factor authentication is now being used by many top sites but the password doesn’t seem like it’s going away anytime soon. In this report which was obtained from Info Security Magazine, up to 90% of password can be cracked in seconds. That’s how bad it is. The problem, researchers said, is that everything that we thought to be true must be reconsidered given advances in technology.
“Passwords containing at least eight characters, one number, mixed-case letters and non-alphanumeric symbols were once believed to be robust,” said Duncan Stewart, a director of research for the report. “But these can be easily cracked with the emergence of advance hardware and software.”
For instance, a machine running readily available virtualization software and high-powered graphics processing units can crack any eight-character password in about five hours, he noted.
But as ever, human behaviour gets in the way when it comes to being safe. Specifically, the inability to remember multiple unique 24-character password strings. The limitations of most humans’ ability to remember complex credentials means that there is a tendency for password re-use, which also puts password security at risk. If a hacker cracks even an innocuous account, like a grocery store loyalty card, the credentials are likely to have been used elsewhere, like for online banking. Once a hacker has a password, he or she can potentially have the keys to the cyberkingdom based on most consumers’ behaviour.
“Moving to longer passwords or to truly random passwords is unlikely to work, since people just won’t use them,” Stewart said.
However, all hope is not lost: Multifactor authentication using tokens, cellphones, credit cards and more are likely solutions. That means that having additional passwords sent through SMS to a phone, a requirement for fingerprints and other biometrics, or even ‘tap and go’ credit cards may be the norm in the future, he concluded.