Cyber-incidents have multiplied in the last 2 months and there is a good chance that this will continue for a little while.
Hackers are on the rise and are targeting virtually everything they can get, including video conferencing applications that are fashionable today, health facilities, the World Health Organization, private companies in some of their employees are teleworking because of general containment measures.
This article will also interest you: Password security and authentication
Speaking of telework as one of the boosters of cybercrime during the last 2 months, it should be noted that companies have organized themselves and have done their best to secure as much distance collaboration as possible. But all this was an overall test that identified the inadequacies and qualities of the different networks and information systems. As such, IT security companies have never been more in demand over such a short period of time.
However all security systems faced different difficulties. In particular, passwords that have been endangered by the explosion of phishing campaigns. Three days ago it was World Password Day. A day that allowed to visit again and see to what extent adapt it to the needs and realities of current authentication, which for a very long time has been the basis of login security. Today, the password is fragile in the face of the explosion of digital services, and the constant development of cybercrime methods. It is also much criticized. Specialists are increasingly attracted to solutions involving biometric authentication technologies. At the beginning of this, specialists continue to strengthen it and explain that it can still be useful, but with disciplined use. "Hackers can decrypt a 7-character password in 0.29 milliseconds. Many companies now know how to identify password issues, but many are still struggling to integrate the fact that security must be at the heart of the software development process. Because one of the most important parts of a web application is the authentication mechanism, which goes beyond the password barrier. This mechanism secures the site and also creates limits for each user account. explains Nabil Bousselham, solutions architect at Veracode.
He explains that it is possible to protect pending attacks by saying the password, but not only that: "In this new data-driven decade, a simple static password will not be enough. While companies are aware of the role that application security plays in data protection, banks and other sectors need to take more ownership of application authentication to help detect fraudulent account access," says Bousselham.
Therefore, it should be noted that the password as a method of securing authentication and connection is no longer sufficient today. It should then be accompanied with several measures, such as multi-factor authentication, for example. He concludes by noting these latest tips to businesses: "On this World Password Day, I therefore call on companies to empower developers by training them in best practices in secure coding and providing the right tools. The goal is to prevent users from being more exposed to data breaches. In addition, users must enable multifactor authentication to reduce the risk of takeover by cyber attackers (…) In general, passwords should always be unique, regularly renewed and stored in a secure safe. Some credentials will need to be stored. So don't hesitate to make up a password that is long and difficult to guess."
If the evidence shows that today, the password can no longer properly secure the connections, the fact remains to me that we can not get rid of them so hastily. Its usefulness remains and can reinforce no different methods that exist today.
Now access an unlimited number of passwords: