Enhance cybersecurity awareness and survivability for DoD, industry partners, and academia in the face of the ever-increasing threat of cyber attacks. Cybersecurity (CS) includes managing risks related to the use, processing, storage, and transmission of information and the systems and processes used for those purposes, including analog and physical form. CS includes information availability, identification and authentication, confidentiality, integrity, and non-repudiation as well as the economic considerations with respect to selection of CS techniques, CS processes, and industry trends.
The death of passwords
- This topic has 2 replies, 3 voices, and was last updated 2 years, 7 months ago by
.
-
Topic
-
In 2004, Bill Gates predicted the death of passwords
Interested to find out your opinions on the relative need for the conventional password, both for secure server and network infrastructure and for the end users of a company?
Considering the alternatives
MFA and SSO
Multi-Factor Authentication for their networks and employees.Single Sign-On has become more important with the rise of cloud computing and the need to access business applications from multiple devices, it is a definite security risk. The system will generate a random and temporary code that will be sent to you by SMS every time you try to log in
-
Replies
-
-
The use of passwords creates a level of risk that will eventually become intolerable. Users are challenged with remembering passwords and they employ tactics that render it fairly insecure. Other authentication methods like facial recognition, finger print, etc. will soon replace the troublesome password.
-
Conventional password methods can be compromised easily by guessing (usually gaining information about the target), using a brute-force attack (trial-and-error method), and/or a dictionary attack (using known words and phrases), along with other non-conventional methods. Multi-Factor Authentication (MFA) like you had mentioned, is a greater alternative to the generic username and password method. Many companies give the end-users and their employees the ability to enable MFA to better secure the information they are protecting. MFA adds to the generic password method by adding a second layer of security of either something you have (random generated token, physical access card, etc.) and/or something you are (fingerprint, facial features or eyes, etc.). Its important to know that MFA does not provide full security and still can be compromised. Same goes with single sign-on method as you had mentioned. So I would say rather than seeing the end of passwords, we are seeing a more layered approach of security to the generic method of a single password.
-
You must be logged in to reply to this topic.
