Infosecurity (USA) - Passwords becoming risky form of enterprise authentication - 0 views
-
“The fact that passwords remain the cornerstone of enterprise authentication represents a significant and increasing risk. The vulnerability of password-based authentication is widely recognized: From the earliest phishing attacks to the most sophisticated spyware, passwords still represent one of the most common methods hackers target and use to access corporate systems and sensitive data”, the study observed.The way to reduce the costs of lost passwords and the increased vulnerability of similar user passwords is through the use of strong multi-factor authentication, explained Chatterjee. For example, two-factor authentication involves the use of something the user remembers, such as a password, and something the user has, like a token.
-
This approach increases security because a hacker needs both to gain access to a system or account; figuring out the password is not enough. It also reduces the need for users to have multiple, complex passwords. The system's two factors provide the complexity from a security point of view, he explained. Chatterjee used the example of a bank ATM card, which requires the use of the card along with the password for the user to gain access to his or her account.
-
With the two-factor authentication, users do not need to have complex passwords that change frequently. This reduces the burden on the employees as well as on the help desk, he noted.