The end of strong password-only security

More than 90% of user-generated passwords will be vulnerable to hacking in a matter of seconds, according to Deloitte’s Canadian Technology, Media & Telecommunications (TMT) Predictions 2013 report.

“Passwords containing at least eight characters, one number, mixed-case letters and non-alphanumeric symbols were once believed to be robust. But these can be easily cracked with the emergence of advance hardware and software,” said Duncan Stewart, Director of Research, Deloitte Canada and co-author of TMT Predictions 2013.

“A machine running readily available virtualization software and high-powered graphics processing units can crack any eight-character password in about five hours.”

It’s human behavior and a tendency for password re-use that puts password security at risk. Moving to longer passwords or to truly random passwords is unlikely to work, since people just won’t use them. Multi-factor authentication using tokens, cellphones, credit cards or even biometrics are likely solutions.

The report also reveals that the PC is not dead, as more than 80% of Internet traffic measured in bits will continue to be generated on traditional personal computers (desktops and laptops). And of the total time spent on PCs, tablets and smartphones combined, more than 70% will be using PCs. This includes both work and home usage.

Deloitte also predicts that “mobile advertising” will thrive, and that very few additional companies will adopt a bring-your-own-computer (BYOC) policy where the employer pays for the PC. At the same time, 50% of Fortune 500 companies will allow employees to bring their own personally-owned and paid for computers.

Don't miss