Password vaults serve one purpose only and that is to make it easier for people to store their login
credentials centrally. They are not about making those credentials more secure. Yes, you will see marketing materials talking about encryption and the like, but at the end of the day all you are doing is consolidating your passwords and ‘securing’ them with just one master code.
People buy in to password vaults for convenience in fact Last Pass has the tagline ‘The last password you’ll ever need’. It is essentially the same as storing all your credit, debit and store cards, along with your driving licence and cash in a wallet. It seems like a great idea until it gets stolen.
For me, the root cause of the problem isn’t the password vault itself, but the password. Most of us tend to see the login screen as an obstacle that stands in the way of us doing what it is that we want to do. Anything that makes it quicker and easier to get through the process is welcomed with open arms. To illustrate my point, how many of you click the ‘remember this password’ when given the opportunity? I know I have.
If we are being honest most of us are willing to make some form of trade-off between security and convenience, but we should not be expected to do so. Passwords continue to haunt our lives because organisations decide to enforce their use, and in most instances it is because they do so as they don’t know what else to do. As security professionals it is our role to give these organisation choice, show them that there is a better way and crucially, put forward a compelling business case that will drive lasting change.
At the same time Last Pass has been hitting the headlines this week, so too has Tripwire for its attempt to solve the problem using Emojis. As a marking gimmick it has certainly succeeded in grabbing attention, and they seem to be heading in the right direction by trying to make login credentials easier to remember and leveraging the capabilities of mobile devices. But could such a solution viably replace every website, mobile app or corporate network that currently uses a password? Emojis might appeal to millennials logging on to a social forum, but would a silver surfer feel comfortable using them for their online banking? It may well be more secure than a password but I can’t imagine entering: smiley face, sad face, birthday cake and love heart to authorise a transaction from my corporate bank account!
If we are being honest most of us are willing to make some form of trade-off between security and convenience, but we should not be expected to do so. Passwords continue to haunt our lives because organisations decide to enforce their use, and in most instances it is because they do so as they don’t know what else to do. As security professionals it is our role to give these organisation choice, show them that there is a better way and crucially, put forward a compelling business case that will drive lasting change.
At the same time Last Pass has been hitting the headlines this week, so too has Tripwire for its attempt to solve the problem using Emojis. As a marking gimmick it has certainly succeeded in grabbing attention, and they seem to be heading in the right direction by trying to make login credentials easier to remember and leveraging the capabilities of mobile devices. But could such a solution viably replace every website, mobile app or corporate network that currently uses a password? Emojis might appeal to millennials logging on to a social forum, but would a silver surfer feel comfortable using them for their online banking? It may well be more secure than a password but I can’t imagine entering: smiley face, sad face, birthday cake and love heart to authorise a transaction from my corporate bank account!
Meanwhile, at the other end of the scale biometrics are promising to change the world, but unless you are a large bank with money to burn it is pretty much out of reach, and even then you have the issue of standardising on a biometric.
This is the big challenge we as an industry face if we are going to replace something as ubiquitous as a password. We need to find something that has the potential to be just as ubiquitous in the future, otherwise we will be stuck in the same old rut.
This is the big challenge we as an industry face if we are going to replace something as ubiquitous as a password. We need to find something that has the potential to be just as ubiquitous in the future, otherwise we will be stuck in the same old rut.
We think we might have just the thing! www.pingrid.com
Author: Fred Astfedlt, Winfrasoft
any email writers use emoticons because the icons are quick and easy to use. So it's essential to enable emoticons in our social media sites and smart phones. Emojis enables a Japanese keyboard. emoji
ReplyDeleteVery interesting blog. Alot of blogs I see these days don't really provide anything that I'm interested in, but I'm most definately interested in this one. Just thought that I would post and let you know. emoticon vs emoji
ReplyDeleteAmazing Article,Really useful information to all So, I hope you will share more information to be check and share here.
ReplyDeleteInternship near me
Inplant Training for cse
Inplant Training for IT
Inplant Training for ECE Students
Inplant Training for EEE Students
Inplant Training for MECHANICAL Students
inplant Training for CIVIL Students
Inplant Training for Aeronautical Engineering Students
Inplant Training for ICE Students
Inplant Training for BIOMEDICAL Engineering Students
Thanks for the blog filled with so many information. Stopping by your blog helped me to get what I was looking for 인싸홀덤
ReplyDelete. Now my task has become as easy as ABC 인싸포커 .
Mua vé tại đại lý vé máy bay Aivivu, tham khảo
ReplyDeletevé máy bay đi Mỹ bao nhiêu tiền
vé máy bay hà nội tp hồ chí minh
vé máy bay tphcm ra hà nội
vé máy bay hải phòng nha trang vietjet
vé máy bay sài gòn đà lạt pacific airlines
taxi sân bay hà nội
combo du lịch nha trang 2021