Home > Security > Password Security – the Joke of the Century

Password Security – the Joke of the Century

It looks like people finally seem to grasp the importance of password security.  Passwords that contain numbers, letters (capital and lower case) seem to become the standard. The only unfortunate issue is that so many sites require passwords and some of these sites may require you to change the passwords periodically and it becomes almost impossible to remember all the different passwords for the various sites.

Somebody may say now: “So what, there for we have the password retrieval system.”.  And this is were the problem is. These password retrieval systems use a question or phrase that is easy to remember. Like:

  • What was the name of your first dog? This is an easy one to hack.
  • What was the name of your first school? Except if you were not born in a country with a completely different language/alphabet (e.g. Hebrew, Arabian, Swahili, etc.) this one could also be fairly easy to crack with the rightcyber_security tools. Also, many of us have their resume on-line on some blog or Internet job board or have personal and private information like this on a social networking site. So also not too difficult to crack.

I could go on and on now. The fact is that these password retrieval systems provide very week protection.

I wonder why nobody has come up yet with a bio-scan system, like using a finger print instead of a password. Many laptops and some of the keyboards today come with a built-in biometric scanner. OK, they may cost a few $$$ more, but I bet that price would come down pretty fast when biometric scanning for password recognition becomes the standard.

Another system I like is the system Bank of America (BofA) uses in order to access my account. If I log on from a computer other than mine, or if my computer’s cookies have been removed, BofA requires that a security code is sent via SMS to my cell phone. I then have 10 minutes to enter this security code to identify myself as the valid account owner. Only after I have identified myself I am presented with the opportunity to enter my password. Should I have forgotten my password there are several security layers I have to go through in order to change my password and to access my account. Some of these questions are very unique, like the amount of my last deposit. Combined with other questions I consider this a safe access control. Again, somewhat complicated and lengthy but SAFE.

Maybe someday we can have biometric password control or at least biometric password retrieval. Just think about all the other options that could be available using biometrics. It could replace all our credit and debit cards. Accounts are linked to your finger print or iris scan. Rather then paying with a credit or debit card, you put a finger of your choice on a scanner and a screen gives you the option which account you would like to use, maybe with the account balance right next to it. So you never overdraw an account.

For me it seems to be a win-win situation for us the consumer and the banks.

Let me know what your thoughts are about this.

Oliver Schmid / 4954 IT Consulting, LLC

Advertisements
  1. No comments yet.
  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: