90pc of passwords ‘vulnerable to hacking’
Published 15/01/2013 | 11:56
Even passwords that are considered strong are vulnerable because users can't remember them, new research says.
Global consultancy Deloitte claimed that over 90per cent of user-generated passwords, even those considered strong by IT departments, will be vulnerable to hacking in 2013.
Jolyon Barker, global lead for Deloitte's technology, media and telecommunications industry, said “Whilst moving to stronger, longer passwords means greater levels of security, people understandably find these harder to remember.”
He added that so-called ‘two-factor authetication’, using additional methods, could improve security. “Instead an additional bit of identification can be used. It could be a password sent to a cell phone or smartphone, a physical device that plugs into a USB slot, or possibly be a biometric feature of the user,” Mr Barker said.
Deloitte said inadequate password protection may result in billions of dollars of losses, declining confidence in internet transactions and significant damage to the reputations of the companies compromised by attacks. As the value of the information protected by passwords continues to grow, attracting more hack attempts, high-value sites will likely require additional forms of authentication.
In June last year, however, a survey found that 'Password' topped the list of the 25 worst web passwords people commonly use to login into sites, leaving them more vulnerable.
The second most common password was ‘123456’, another easy code for hackers to guess when trying to access people’s email or Facebook accounts. Other passwords to make the list, generated by SplashData, an American password management data application, include: ‘abc123’, ‘iloveyou’ and ‘monkey’.
Facebook admitted that hackers are breaking into hundreds of thousands of Facebook accounts every day. Out of more than a billion logins to the website every 24 hours, 600,000 are impostors attempting to access users’ messages, photos and other personal information Facebook said. Last year 6.5million LinkedIn passwords were leaked online.
Deloitte also predicted that more than 80pc of internet traffic measured in bits will continue to come from traditional personal computers reflecting an age of PC plus, rather than a post PC era dominated by tablets such as the iPad. ”More than 70pc of the hours we spend on computing devices, including smartphones and tablets will be on a PC,” said Mr Barker.
The research further suggested that new gesture-based methods to control TVs will continue to lose out to the traditional remote control, while crowdfunding schemes such as KickStarter will continue to rise.