• Tech News
    • Games
    • Pc & Laptop
    • Mobile Tech
    • Ar & Vr
    • Security
  • Startup
    • Fintech
  • Reviews
  • How To
What's Hot

Starting A DEI Consulting Firm For His Second Act

January 30, 2023

Tech layoffs at big companies could be a boon for startups and entrepreneurship – Startup

January 29, 2023

ADS-B Exchange, the Flight Tracker That Powered @ElonJet, Sold to Jetnet

January 29, 2023
Facebook Twitter Instagram
  • Contact
  • Privacy Policy
  • Terms & Conditions
Facebook Twitter Instagram Pinterest VKontakte
Behind The ScreenBehind The Screen
  • Tech News
    1. Games
    2. Pc & Laptop
    3. Mobile Tech
    4. Ar & Vr
    5. Security
    6. View All

    Bring Elden Ring to the table with the upcoming board game adaptation

    September 19, 2022

    ONI: Road to be the Mightiest Oni reveals its opening movie

    September 19, 2022

    GTA 6 images and footage allegedly leak

    September 19, 2022

    Wild west adventure Card Cowboy turns cards into weird and silly stories

    September 18, 2022

    7 Reasons Why You Should Study PHP Programming Language

    October 19, 2022

    Logitech MX Master 3S and MX Keys Combo for Business Gen 2 Review

    October 9, 2022

    Lenovo ThinkPad X1 Carbon Gen10 Review

    September 18, 2022

    Lenovo IdeaPad 5i Chromebook, 16-inch+120Hz

    September 3, 2022

    YouTube adds very convenient iPhone homescreen widgets

    October 15, 2022

    Google finishes iOS 16 Lock Screen widgets rollout w/ Maps

    October 14, 2022

    Is Apple actually turning iMessage into AIM or is this sketchy redesign rumor for laughs?

    October 14, 2022

    Samsung’s One UI 5 update is largely about personalization

    October 14, 2022

    MeetKai launches AI-powered metaverse, starting with a billboard in Times Square

    August 10, 2022

    The DeanBeat: RP1 simulates putting 4,000 people together in a single metaverse plaza

    August 10, 2022

    Improving the customer experience with virtual and augmented reality

    August 10, 2022

    Why the metaverse won’t fall to Clubhouse’s fate

    August 10, 2022

    How Apple privacy changes have forced social media marketing to evolve

    October 16, 2022

    Microsoft Patch Tuesday October Fixed 85 Vulnerabilities – Latest Hacking News

    October 16, 2022

    Decentralization and KYC compliance: Critical concepts in sovereign policy

    October 15, 2022

    What Thoma Bravo’s latest acquisition reveals about identity management

    October 14, 2022

    What is a Service Robot? The vision of an intelligent service application is possible.

    November 7, 2022

    Tom Brady just chucked another Microsoft Surface tablet

    September 18, 2022

    The best AIO coolers for your PC in 2022

    September 18, 2022

    YC’s Michael Seibel clarifies some misconceptions about the accelerator • DailyTech

    September 18, 2022
  • Startup
    • Fintech
  • Reviews
  • How To
Behind The ScreenBehind The Screen
Home»Security»The power and efficacy of the password
Security

The power and efficacy of the password

October 8, 2022No Comments6 Mins Read
Facebook Twitter Pinterest LinkedIn Tumblr Email
Controlling access in today’s digital-first world: Why it really, really matters
Share
Facebook Twitter LinkedIn Pinterest Email

Learn how your company can create applications to automate tasks and generate further efficiencies through low-code/no-code tools on November 9 at the virtual Low-Code/No-Code Summit. Register here.


Discussion of a password-free future has significantly heated up — again — recently. Several big tech companies have been working toward the concept for nearly 20 years. Then, in May 2022, Apple, Google and Microsoft joined forces in a highly uncharacteristic synergy to expand support for passwordless authentication systems across various platforms.

Passwords are not going away

The word “passwordless” is simple, elegant and sublime, but somewhat exotic. The truth is that a passwordless world is very far from becoming a reality, if it ever will. No one likes passwords, but they are intrinsically linked into the backend architecture of authentication and encryption systems by design. This is not by virtue of trying, working hard or even dreaming. It is merely a function of how encryption schemes work. For example, smartphones and other tokenized devices are subject to theft, loss and bugs to start with. Even with biometrics, short of getting surgery, it is impossible to change your fingerprint, retina or face after the associated data has been stolen or compromised by cybercriminals.

Password use is growing at a significant rate

What’s more, not only are passwords intrinsic to the way modern connected devices work, those devices are now everywhere. In just the past three years, the number of IoT devices fueled by distributed work and the proliferation of cloud-based computing have caused an exponential increase in the number of passwords. 

Employees are working from virtually anywhere and, often, on unsecured networks. All of us now rely on a massive array of cloud-based services. Both the public and private sectors are using more devices of different types and with different operating systems and authentication schemes than ever before. All this has driven a significant boost to the password. Every website, native application, system and database requires passwords at some level — even if biometrics are used as a convenience factor. The fact is that robust encryption keys cannot be generated without a password. Even single sign-on solutions require a password, at some level in the architecture, to authenticate a user — prior to the user transacting with SAML-compliant authentication services.

See also  Black Hat – Windows isn’t the only mass casualty platform anymore

Event

Low-Code/No-Code Summit

Join today’s leading executives at the Low-Code/No-Code Summit virtually on November 9. Register for your free pass today.

Register Here

Password security issues and human behavior are intrinsically linked

Businesses around the world have tried to stay on top of advanced and progressive hybrid working styles by implementing new levels of security, although the password still remains the core pillar of a security system. Cybersecurity teams are struggling to keep up with the changing habits of their workforces, the massive increase in cloud-based applications, the infrastructure they need to manage and secure, and yes, the onslaught of more sophisticated cyberattacks. 

IT organizations are faced with a pervasive and critical dilemma regarding how to gain visibility, security and control over the entire organization’s infrastructure. This means keeping one eye on every single user on every device as they transact with every website, application and system in the organization — and do so from different locations and networks. Thus, cybersecurity solutions today require greater convergence and ubiquity in terms of threading together key identity and access management solutions in a single platform.

Verizon’s 2022 Data Breach Investigations Report highlighted that password security issues accounted for 80% of all data breaches globally. However, this is not caused by technical weaknesses, but by human failure to practice good password hygiene. Most people will know what best practice looks like, such as creating long and unique passwords for each individual account they have. Yet, according to our latest Workplace Password Habits research, almost half (44%) of respondents admitted to using the same password across both personal and work-related accounts. 

See also  Amazon tries to stop The Rings of Power trolls with 3-day review delay

Educating people about the importance of strong password security must become an essential component of digital security policies for businesses worldwide. The risk of a cybersecurity breach will be significantly reduced if we make cybersecurity training a formal onboarding step for all existing employees and new hires.

The future of the password

That said, more promising is the growing movement towards a future of password identification and authentications relying on zero-knowledge architecture in organizations. These innovations ensure that the company developing the software that protects the organization cannot access and decrypt the data within.

We have also seen significant growth and advancements in the use of multi-factor authentication (MFA), which is extremely effective in mitigating password attacks given its multi-user device communication. It should be treated as a default requirement in strengthening any organization’s security posture.

Notwithstanding this, an effective cybersecurity solution will not be entirely driven by technological muscle power or money. Infrastructure and organizational complexity coupled with cybersecurity models often impair technology-driven disintermediation. There are over 1.1 billion websites globally — not including the billions of native applications, systems and databases which require both authentication and encryption schemes. Given these metrics, think about the time it would take and the collaborative logistics that would be required to achieve mass migration and adoption to a single, passwordless authentication scheme that meets both authentication and encryption requirements.  

Passwordless solutions have not provided a full end-to-end solution

Kudos to the many industry innovators who have introduced alternative forms of authentication. Apple introduced Touch ID a decade ago and subsequently launched Face ID in 2017. With Windows Hello for logging into certain computing devices, Microsoft pioneered ditching front-end passwords for fingerprints and facial recognition. We will continue to see new innovations in security management such as the use of artificial intelligence (AI) or biometric authentication. 

See also  AutoRabit unveils security tools for Salesforce ecosystems

None of these innovations has killed the password, for the many reasons covered above. The backend of any hardened system requires passwords and layered encryption keys to protect user data. Passwordless solutions have not provided a full end-to-end solution for identity and access management. Instead, they have become a positive “feature” as part of the authentication scheme, one that works especially well in two-factor authentication scenarios. Your face, finger, voice and even your DNA are ultimately a proxy for a password, which remains at play behind the scenes. Further, there is a healthy debate about how the major tech players and other OEMs will be able to marry and create a single platform with agnostic features that work across any device and any browser. And what happens if a biometric breaks or is stolen?  

The pursuit of a passwordless future is both positive and bold

To be sure, these latest innovations are brilliant, and more will appear, but it is just not realistic to believe that passwords will disappear anytime soon. We might remove the manual process of having to enter a string of numbers and letters to get access to whatever we need. But losing passwords altogether is a myth. The best we can do is provide the utmost support for their safe use.

Darren Guccione is CEO and co-founder of Keeper Security.

Source link

efficacy password power
Share. Facebook Twitter Pinterest LinkedIn Tumblr Email

Related Posts

Rad Power Bikes lays off employees for the third time this year – Startup

December 9, 2022

Rad Power RadRunner 2 review

November 30, 2022

Rad Power Bikes CEO Mike Radenbaugh replaced by former Sony leader Phil Molyneux – Startup

November 17, 2022

How those industries have used the Power Of Recruitment Tech Strategies

October 27, 2022
Add A Comment

Comments are closed.

Editors Picks

Manuscript ‘em up Pentiment has inked a November 15th release date

August 30, 2022

Fidel API names Salman Syed as COO

September 29, 2022

iOS 16 Introduces New Activity Awards for Fitness+ Workouts

July 10, 2022

ECB taps CaixaBank and Amazon for digital euro prototypes

September 17, 2022

Subscribe to Updates

Get the latest news and Updates from Behind The Scene about Tech, Startup and more.

Top Post

Starting A DEI Consulting Firm For His Second Act

Tech layoffs at big companies could be a boon for startups and entrepreneurship – Startup

ADS-B Exchange, the Flight Tracker That Powered @ElonJet, Sold to Jetnet

Behind The Screen
Facebook Twitter Instagram Pinterest Vimeo YouTube
  • Contact
  • Privacy Policy
  • Terms & Conditions
© 2023 behindthescreen.uk - All rights reserved.

Type above and press Enter to search. Press Esc to cancel.