HDTV/3D TV News
Usernames and passwords provide insufficient security to protect financial websites and other sensitive online services, according to a new report by security services firm Network Box.
The report, ‘Authentication, who are you?’, argues that traditional security techniques used since the beginning of IT security – usernames and passwords – are increasingly insecure as hacking techniques become more advanced.
Simon Heron, the report’s author, warns that many users now have too many passwords, so either resort to using the same password for all internet accounts, or rely on resetting passwords using the insecure ‘forgotten your password’ function.
Even ‘verified by Visa’ is insecure, Heron claims.
“The ‘verified by visa’ system is a basic two-factor authentication system, but if you forget your password, often all you need in addition to the credit card is your date of birth to reset the password – which is less secure than most single password systems,” he said.
According to Heron, the solution to these problems will only be found by businesses working together to develop a standard security system.
“All companies involved in secure transactions must start working together to provide uniformity in their approach to security,” he said.
“If customers are to interact online and divulge confidential information, the company with which they’re doing business has a duty to secure that information.”
Comments (0)
