Last updated: 06 February 2015
After the Sony scandal surrounding the controversial release of The Interview, the consequences of hacking have rarely been more visible to the public eye. This news, combined with a recent flood of hacker exploits, including the theft of 5 million Gmail addresses and passwords, should cause us all to be more cautious about online security. Incredibly, however, it has been revealed that ‘123456’ and ‘password’ remained the top 2 worst passwords of 2014. It appears the message of safe password practice isn’t getting through.
This should act as a warning for those who still believe that a mere password is the most appropriate means of authentication for e-mail, banking and other accounts in need of verification, whether they be business or consumer accounts.
Furthermore, being a digital consumer is becoming increasingly exhausting, to the extent that we now have to remember an average of 25 username and password combinations. This is particularly difficult because humans aren’t wired to remember passwords, leading to laughably unimaginative passwords such as ‘123456’ which expose anybody to being hacked or having their identities stolen.
If we are to progress towards more secure and convenient authentication solutions, it’s important to fortify the traditional, single-authentication passwords which represent easier targets for cyber-criminals. There are now many innovative and safe ways to authenticate users without passwords, as well as methods which still use passwords but combine them with multiple layers of protection, known as multi-factor authentication, to protect online information.
37% of companies today use multi-factor authentication for their employees, an increase of 30% since 2012, and this figure is expected to grow to 53% by 2016. This is becoming the rule rather than the exception, as evidenced by our own CloudEntr, which enables secure access to web-based applications. Instead of just allowing simple single-factor password authentication, admins and users can opt for an additional One Time Password (OTP) to be sent via the CloudEntr OTP mobile app as a second factor of authentication. CloudEntr users can also take advantage of the built-in password generator to assign a strong, random password to each of their web accounts.
Twitter is ready to ditch old-fashioned passwords and has released a developer kit that lets mobile apps’ companion websites use Digits phone number logins. This highlights the growing recognition of the importance of protecting business users and their data online, and the decline in trust in the traditional password’s capacity to secure their online activity. Our own LinqUs Mobile ID is a response to these consumer and business demands, providing a universal and secure single means of authentication to a wide range of online services without the frustration of trying to remember dozens of insecure traditional passwords. LinqUs Mobile ID reduces the risk of identity theft, simplifies login to a large range of online services and allows users to access online services in a private and secure environment.
Hopefully, through innovative solutions and increased awareness, 2015 will see the end of the traditional password and will see it replaced by safe, multi-factor authentication solutions, like the ones we’ve mentioned. And even if that takes time, let’s hope we all see the end of ‘123456’ passwords; at least that’ll be a step towards stopping cyber-criminals enjoying such a prosperous time in the future.