EDITOR’S QUESTION
/////////////////
lengthy, but made up of real words, so
easier to remember. It might seem simple,
but the truth is, if a password takes too long
to crack, hackers will simply move on to the
next batch.”
“Static passwords simply cannot provide
effective corporate protection. In 2016, the
Bitglass security team leaked a fake profile
onto the Dark Web to show just how quickly
phished credentials can spread. Within a
month, the fake employee’s credentials had
been viewed over 1,400 times and there
were multiple successful login attempts into
the phished account.
“A
cquiring credentials to access
sensitive data is increasingly
easy and incredibly lucrative
for today’s hackers. Every additional
character in a password increases the
number of possible combinations, making
brute-force attacks on long passwords far
harder for hackers to crack.
34
INTELLIGENTCIO
“But increasingly, the complexity of a
password also makes it much harder
for people to remember, hence why
password123456 is still the most popular
password today. Rather than advising users
to create random strings of alphanumeric
passwords, we should be recommending
the use of passphrases. These will still be
“The number of large-scale data breaches and
the fact that users regularly re-use passwords
is a real issue for businesses today. Therefore,
enterprises must follow best practices in
authenticating users, starting with a proactive
approach to identifying suspicious logins.
Dynamic identity management solutions
that can detect potential intrusions require
multi-factor authentication and integrate
with existing systems for managing user
access can be much more effective than basic
password protection.
“For example, if a system records an
employee logging into a cloud application
from a host of different countries, it can alert
IT security teams of suspicious behaviour
and they can lock that account, preventing a
possible breach.”
www.intelligentcio.com