We all hate passwords. Either you can't remember them, or you re-use the same one over and over to avoid forgetting it. Trying to come up with new passwords is a never-ending battle against human memory versus the potential for someone to guess the one you have. So how do you create secure passwords, and remember them?
Why Do I Have to Change my Password Every 30/60/90 Days?
"My company makes me change my password every so often. Why do they make me do this even if we haven't been breached or anything like that?"
The answer is simple, and there are two reasons why this policy is standard for most companies. The first is protection against stuff that hasn't happened yet. The second is protection against stuff that has happened - just not to your company.
Recently Troy Hunt released 320 million hashed passwords collected from breaches (https://haveibeenpwned.com/Passwords) so I thought I’d run an experiment on that data based on common password tweaking techniques. I wanted to see if I could find tweaked variations of a given password in Troy’s data set.
SecureAuth passwordless authentication is more secure than single or second-factor authentication and doesn’t get in the way of users trying to do their jobs. Watch Matt go passwordless in less than 10 seconds, then learn SecureAuth is making passwordless possible today:
It’s 2017, and data breaches are occurring at a record pace. It’s no wonder, then, that Americans are becoming increasingly anxious about their online security. Our recent report with Wakefield Research says Americans are much more likely to be concerned with their online personal information being stolen (69 percent) than their wallet being stolen (31 percent).
Our recent survey, conducted in conjunction with SC Magazine, shows that organizations are moving towards a passwordless future. The results show that while 36% of IT decision makers believe they will no longer rely on passwords 5 years from now, concerns remain around the complexities involved with rolling-out across the enterprise, yet they recognize the benefits of a passwordless strategy.
If you’re an IT pro, you’re likely aware of the very real damage that can result from even one user’s credentials being compromised. Once attackers have a foothold in your systems, they can linger for months, steadily increasing their permissions until they find and steal your most valuable data. Many organizations are already working to strengthen their security posture for preventing the misuse of stolen credentials. But one very real risk is typically overlooked: the social and personal credentials of our end users.
Infographic: A recent SecureAuth survey found that a majority of Americans (81%) reuse passwords -- and Millennials are the biggest culprits! This infographic summarizes the results of the survey and shows how Adaptive Authentication can provide better security and usability in the face of poor password security practices.
July 2017: SC Magazine’s Market Focus: Another Paradigm Shifts; Multi-Factor (MFA) might soon forgo the password.
In the 2004 action movie National Treasure, Nicolas Cage needs to guess a not-so-complex password and lift a fingerprint in order to break into the National Archives building and steal the Declaration of Independence. Movies often make stealing two-factor authentication so simple, but is it really that easy? And what if the second factor wasn’t a password at all? Could Cage have broken in?