The end of strong password-only security
Posted on 18 January 2013.
More than 90% of user-generated passwords will be vulnerable to hacking in a matter of seconds, according to Deloitte's Canadian Technology, Media & Telecommunications (TMT) Predictions 2013 report.

"Passwords containing at least eight characters, one number, mixed-case letters and non-alphanumeric symbols were once believed to be robust. But these can be easily cracked with the emergence of advance hardware and software," said Duncan Stewart, Director of Research, Deloitte Canada and co-author of TMT Predictions 2013.

"A machine running readily available virtualization software and high-powered graphics processing units can crack any eight-character password in about five hours."

It's human behavior and a tendency for password re-use that puts password security at risk. Moving to longer passwords or to truly random passwords is unlikely to work, since people just won't use them. Multi-factor authentication using tokens, cellphones, credit cards or even biometrics are likely solutions.

The report also reveals that the PC is not dead, as more than 80% of Internet traffic measured in bits will continue to be generated on traditional personal computers (desktops and laptops). And of the total time spent on PCs, tablets and smartphones combined, more than 70% will be using PCs. This includes both work and home usage.

Deloitte also predicts that "mobile advertising" will thrive, and that very few additional companies will adopt a bring-your-own-computer (BYOC) policy where the employer pays for the PC. At the same time, 50% of Fortune 500 companies will allow employees to bring their own personally-owned and paid for computers.





Spotlight

Whitepaper: Zero Trust approach to network security

Posted on 20 November 2014.  |  Zero Trust is an alternative security model that addresses the shortcomings of failing perimeter-centric strategies by removing the assumption of trust.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Fri, Nov 21st
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //