programming4us
programming4us
SECURITY

Password Hacks (Part 3) - Alternatives to passwords

- How To Install Windows Server 2012 On VirtualBox
- How To Bypass Torrent Connection Blocking By Your ISP
- How To Install Actual Facebook App On Kindle Fire
8/11/2012 11:08:54 AM

Alternatives to passwords

So what can be done and are passwords really necessary? We can look here to banks, which tend not to rely on the usual username and password combination and often employ ever more elaborate ways of letting you access your money.

Take HSBC, for example, which uses what's called a Secure Key When logging on, you have a unique, long number which, strangely, can be remembered by the browser but the next step is to input the answer to a question you set up when generating the online account. The next step is the most secure. Using your calculator-style Secure Key, you input your pin number. This generates a code that you have to enter into a box. And you have to be quick because the code is time sensitive, with the computer system knowing what will be a valid code for that moment.

Description: Alternatives to password?

Alternatives to passwords?

The Secure Key has a clock built in, synchronized with the clock on the bank's computers before it's sent out. It also has a unique serial number allocated to it, which is only known by the bank. The PIN is only known to you. And the answer to the question should also only be known to you as should the initial user ID. Only when you have all of the information and Secure Key to hand can you actually get in. It may be a pain at times, but it works. And this is an example of a time synchronized password that can only be used once.

Sticking with banks, some ask you to input certain characters from your password, which enables them to block bots, which may try to infiltrate the system by inputting a username and password automatically to be asked for the first, third and sixth letter, for example, makes automation impossible, so a hacker would have to enter it manually.

Description: The Secure Key has a clock built in, synchronized with the clock on the bank's computers before it's sent out

The Secure Key has a clock built in, synchronized with the clock on the bank's computers before it's sent out

A Pass-Window system is also effective. It places a unique key pattern on a transparent section of an identity card. This has to be held over a generated pattern image on a display and, when it is, a series of digits is shown that can then be entered as your single-use password.

It could be that, in future, webcams are used to log us in. They could read our eye's biometric data. Fingerprint scanners would also ensure only the user could gain access, but this means having extra, costly hardware. Other hardware solutions include using portable storage devices, which need to be plugged in when is gaining access to a server, but again they can be cumbersome.

Non text-based passwords could work well. Instead of remembering words, they require you to click on images in a set pattern that only you know. Swiping technology such as that on phone are also avoid passwords by recognizing a particular pattern. If you don't swipe across a screen in the exact right way, you will not be allowed in.

And yet for all of this, one of the major issues people have is username/password fatigue, where it seems you are forever trying to remember combinations and tapping in information just to get simple data. It's why so many people use the same username and password for many sites or even write them down. They are seen, for large numbers of people, as barriers. It may be lazy, but there are reasons why people allow browsers to remember their passwords, yet it's fair to say they are hardly helping themselves.

Description: Hacking is an ever-present problem, so  regularly changing passwords and not having the same one for multiple sites is always a good security device.

Hacking is an ever-present problem, so  regularly changing passwords and not having the same one for multiple sites is always a good security device.

Banks put in extra measures to save their own skin. They know that someone who has compromised their own password could end up costing them money when a claim is made against them.

For most sites, though, the username and password works very well and while hacking is an ever-present problem, regularly changing passwords and not having the same one for multiple sites is always a good security device.

It's true that we're not going to see an end to hacking and no matter what system is put in place there will be people trying to find a way in. All we can do is figure out ways of making it harder for thieves and perhaps do more than Mr Chow and make the password as complicated as possible. They make you "add number" for a reason and the more complex the better. Together we can beat the criminals or at least give them a damn good headache.

Data blast

·         On average, men store $2776 on games consoles or tablets. Women store $257.

·         Career information stored on digital devices is worth an average $1047.

·         A huge 72% of people have personal information stored on their digital devices.

·         41% of people say they store from $79 to $798 on their digital devices and 27% store between $784 and $7978.

Source: McAfee

Other  
 
Top 10
- Microsoft Visio 2013 : Adding Structure to Your Diagrams - Finding containers and lists in Visio (part 2) - Wireframes,Legends
- Microsoft Visio 2013 : Adding Structure to Your Diagrams - Finding containers and lists in Visio (part 1) - Swimlanes
- Microsoft Visio 2013 : Adding Structure to Your Diagrams - Formatting and sizing lists
- Microsoft Visio 2013 : Adding Structure to Your Diagrams - Adding shapes to lists
- Microsoft Visio 2013 : Adding Structure to Your Diagrams - Sizing containers
- Microsoft Access 2010 : Control Properties and Why to Use Them (part 3) - The Other Properties of a Control
- Microsoft Access 2010 : Control Properties and Why to Use Them (part 2) - The Data Properties of a Control
- Microsoft Access 2010 : Control Properties and Why to Use Them (part 1) - The Format Properties of a Control
- Microsoft Access 2010 : Form Properties and Why Should You Use Them - Working with the Properties Window
- Microsoft Visio 2013 : Using the Organization Chart Wizard with new data
REVIEW
- First look: Apple Watch

- 3 Tips for Maintaining Your Cell Phone Battery (part 1)

- 3 Tips for Maintaining Your Cell Phone Battery (part 2)
programming4us programming4us
programming4us
 
 
programming4us