November 17, 2014

The Importance of Password Management – Do the Eyes have it?

By Steve Prentice

Password Management

One of the main drawbacks to the borderless space that comprises the cloud is that of security. Recent breaches such as Heartbleed, Target and Home Depot demonstrate that crucial data – the passwords and PINs that keep the bad guys away from our money and information, need constant vigilance and upkeep, primarily in terms of keeping passwords complicated and unique.

For many, this becomes too much work, which is why the most common passwords, such as 123456 are still heavily used.

The importance of security has always been paramount, but is about to become a whole lot more critical as the Internet of Things opens the world of data up from simply PCs and phones to refrigerators, baby monitors, home automation systems and much more. With each of these items able to talk to each other across a common platform, any one simple misappropriated password attached to one device becomes the entryway that can infect an entire system, much like the hugely complex human body can be brought down by a single insect bite or infected needle.

The Open Web Application Security Project (OWASP) recently released a list of the top ten security weaknesses of the Internet of Things, which included Insecure Web Interface, Insufficient Authentication/Authorization, Lack of Transport Encryption, Insufficient Security Configurability, and Poor Physical Security.

One company that seeks to change this is Eyelock, a New York City-based company whose new product, Myris, promises to deliver secure access literally in the blink of an eye. It sells an inexpensive device that consists essentially of a mirror and a camera to read the unique pattern of a person’s iris, and can do so even if the individual is wearing glasses. Eyelock’s people state that the application can also distinguish between a real eye and a picture of an eye.

eyelock

Iris and retina readers are the newest and most James Bond-like of security devices, but just below them on the glamour scale rests another concept, that of the online password keeper. Applications such as LastPass not only remember all the passwords that a user might have for his/her many applications and websites, but also generates highly complex ones consisting of numbers, letters and symbols. The idea behind LastPass is that the only password needed from this point on is the one that opens up the LastPass application itself.

Such sophisticated approaches to defending data are only as strong as the weakest link, which, as always, is the human user. From the overly simple (123456, qwerty and the actual word “password” topped the Huffington Post’s annual ranking of bad passwords for 2013), through to sloppy human usage – leaving a browser open, leaving passwords written down, or forgetting to log off – human actions will always be the ones that will leave a computer – and every single device that the computer can talk to – open and exposed.

Literacy, in the age of the Internet of Things is about information management, and this includes protection of that information.

By Steve Prentice

Steve Prentice

Steve Prentice is a project manager, writer, speaker and expert on productivity in the workplace, specifically the juncture where people and technology intersect. He is a senior writer for CloudTweaks.
Cloud Computing Humor
Michael Kleef

Akamai’s Michael Kleef Reveals Key Shifts in Cloud Computing Landscape

Welcome to a conversation with Michael Kleef, Vice President of Product Marketing, Developer Advocacy, and [...]
Read more
Vasilena Markova

DNS Attacks: Protecting Your Digital Assets with Advanced Security

DNS Attacks: Advanced Security In an increasingly interconnected digital world, the threat of DNS attacks [...]
Read more
Chris Bray

Quantum Leap: How Post-Quantum Cryptography Will Dominate 2024 Boardroom

2024 Cybersecurity Predictions As we step into 2024, the technological landscape is poised for transformative [...]
Read more
Surya Kant Verma

Choosing the Right Cloud Platform: A Guide to Finding Secure, Cost-Efficient Solutions

Choosing the Right Cloud Platform Cloud computing has revolutionized how organizations work, offering an increased [...]
Read more

AI at the Gate: Navigating the Future of Cybersecurity with SonicWall’s Bobby Cornwell

Navigating the Future of Cybersecurity In the face of the digital age’s advancements, AI’s role [...]
Read more
Andy Hilliard

Accelerance CEO Unveils the Future: AI’s Role in Software Development

In this edition of CloudTweaks, we feature an insightful discussion with Andy Hilliard, CEO of [...]
Read more

SPONSOR PARTNER

Unlock the power of Google Cloud with a $350 signup credit. Experience enhanced scalability, security, and innovation for your projects today!
© 2024 CloudTweaks. All rights reserved.