Passwords are the key to internet security. People need one to log into their bank, their email, their computer, their phone, any website where they can buy things and any website where companies want to track them. Email address and password is the standard to get access and it is useless. It is useless because emails are public. Everyone knows everyones email address. Any app, like Facebook, has access to the contact list, so it knows all a person's friends emails. Passwords are difficult to remember, difficult to create and so people just use something simple or use the same password everywhere.
Many websites give requirements for passwords, like “1 capital letter and 1 number and 1 symbol,” so people take normal dictionary words and remace letters with numbers and then promptly forget what they created. Companies have to store passwords somewhere and when they are hacked, and some Russian gets 2 million user names, passwords and credit card numbers from Home Depot or Target or some other company that is more interested in selling things than security. If a person uses the same password everywhere then the person who hacked Home Depot can now get into that person’s bank account.
Biometrics are a different way to improve the passwords system. On phones and computers, people can unlock their devices with a thumb or finger print. People joke that all a hacker has to do it cut off your finger. Retina scans are coming and Apple claims to have a “face recognician” system that is unbeatable. We will see.
Two-factor or two-part authetication is also a security measure. With two-factor a person uses something they know and something they have. For example, logging in with two-factor to a bank’s website means that the user enters their email and password (somthing they know). The bank then texts them a series of digits that they must enter (something they have). So a hacker must know a person’s user name and password and have their phone. This makes it more difficult since hackers cannot get all this information by hacking the bank’s website.
Steve Gibson is working on a new login procedure called SQRL, which relies on QR codes for logging into sites. It claims to be the most secure login out there. Of course banks and stores must use this system and rewrite their login procedures on their website for this to work. At least people are thinking about this and trying to improve the system.
If it is online, it will be hacked, spied on, confiscted and searched, wether by evil hackers, or the government. Anything that is stored online must be secure in both encryption and in standing against government intrusion. Email and password logins are antiquated, unsecured and dangerous. Two-factor systems add a level of security but are cumbersom. Password managers like 1Password and LastPass generate and store very long, comlicated passwords, but that just means they cannot be guessed. They can still be hacked. We are a long way from a secure internet, so be very careful what you store in the cloud.
Many websites give requirements for passwords, like “1 capital letter and 1 number and 1 symbol,” so people take normal dictionary words and remace letters with numbers and then promptly forget what they created. Companies have to store passwords somewhere and when they are hacked, and some Russian gets 2 million user names, passwords and credit card numbers from Home Depot or Target or some other company that is more interested in selling things than security. If a person uses the same password everywhere then the person who hacked Home Depot can now get into that person’s bank account.
Biometrics are a different way to improve the passwords system. On phones and computers, people can unlock their devices with a thumb or finger print. People joke that all a hacker has to do it cut off your finger. Retina scans are coming and Apple claims to have a “face recognician” system that is unbeatable. We will see.
Two-factor or two-part authetication is also a security measure. With two-factor a person uses something they know and something they have. For example, logging in with two-factor to a bank’s website means that the user enters their email and password (somthing they know). The bank then texts them a series of digits that they must enter (something they have). So a hacker must know a person’s user name and password and have their phone. This makes it more difficult since hackers cannot get all this information by hacking the bank’s website.
Steve Gibson is working on a new login procedure called SQRL, which relies on QR codes for logging into sites. It claims to be the most secure login out there. Of course banks and stores must use this system and rewrite their login procedures on their website for this to work. At least people are thinking about this and trying to improve the system.
If it is online, it will be hacked, spied on, confiscted and searched, wether by evil hackers, or the government. Anything that is stored online must be secure in both encryption and in standing against government intrusion. Email and password logins are antiquated, unsecured and dangerous. Two-factor systems add a level of security but are cumbersom. Password managers like 1Password and LastPass generate and store very long, comlicated passwords, but that just means they cannot be guessed. They can still be hacked. We are a long way from a secure internet, so be very careful what you store in the cloud.
Comments
Post a Comment