Skip to main content

Passwords are no longer enough to keep us safe

Passwords are under more attacks than Donald Trump, nowadays.

Following the cyber-attack on Twitter, which left 30-something million accounts compromised, Head of ID and Fraud at Equifax, John Marsden, says new computational achievements, paired with an informational overload humans are faced with on a daily basis, creates an atmosphere where passwords simply don’t cut it anymore.

“As hackers crack more and more passwords, their algorithms improve and the speed in which they breach accounts increases,” he says. “Instead of taking weeks or months to crack 1 per cent of passwords, it can now only take a few days to breach 90 per cent of passwords. This is not hacking the company, but simply running high volumes of data and potential outcomes such as passwords through big data systems.”

“Previous breached data shows exactly how people at a global and individual level set passwords,” he says, concluding that some habits die hard.

“One of the major issues is that there are only so many unique passwords that humans can cope with. It is near impossible to remember multiple passwords using combinations of letters and symbols such as 5Ge8**233!!$. Data appearing on the dark web has proven there are very few new passwords created as people are re-using the same combinations over and over again.”

It doesn’t matter if a password was stolen from a less important service. Knowing that people frequently re-use their passwords, hackers can try other services with the passwords they already have to steal identities, banking data and other details.

One of the possible solutions would be to add an extra layer of security, such as device recognition, Marsden concludes.

Image Credit: Ai825 / Shutterstock

Sead Fadilpašić

Sead is a freelance journalist with more than 15 years of experience in writing various types of content, from blogs, whitepapers, and reviews to ebooks, and many more, across sites including Al Jazeera Balkans, TechRadar Pro, IT Pro Portal, and CryptoNews.