12-26-2018, 04:55 PM
![[Image: eye-spying-on-password.png]](https://accelerator-origin.kkomando.com/wp-content/uploads/2017/03/eye-spying-on-password.png)
Passwords, they are a single line of defense against attackers intent on stealing your data, but this defense may soon become a thing of the past, and its due to a few variables. First, they are useless, and also dated... passwords just treated with the respect and attention that they should by the every day user. They are typically made up of one or two words, a number either double or triple digit, the words could either be their dog, cat, their own name, a random combination of words, the numbers could be their birthday, a wedding date, an anniversary date etc. Passwords need randomness, and this could come in the form of a random string of illegible gibberish, and it would suffice. When you get passwords that are way less than random, then you run into the red zone, this is where the attacker puts away his 'brute force' software and does all of the guess work himself, and succeeds. Don't make it easy for them.
The second, is using these very same poorly laid out passwords across multiple accounts, now you've really dinged it. Now you have given the attacker more ground to freely access more data. This is a common practice among the general population of users, and that is very bad. The attacker know this; they also know that is most people are willingly capable of that mistake, then they must be "willingly capable" of other mistakes as well. There is a little social engineering for you, people may be unpredictable, but remember this, they are just as predictable, if not more. The aforementioned habit is part of a bigger trend of bad security practice among general users, and it needs to stop. Companies thought they had it down, when they started forcing their users to hard reset their passwords, and it completely failed. Users refused to "fully reset" their passwords leading them to only alter it by either a few words or a couple numbers. Again, bad etiquette, and bad customer service.
The third and last, is that because we are coming into an era where almost everything is digitized, we require stronger and better security. Passwords are dated; they are antiques and we need something better. Some research and standards groups have suggested a special security system that is embedded into the system. That uses features like facial recognition, hand gestures, retinal scanners, etc to bolster access to your phone, computer, database. This needs the support of major organizations to get through to the public, and if it does it could greatly impact how we secure our data, and hopefully, its a positive impact.
That was the news folks, have a good week, and stay safe out there.
----Mad-Architect