3 Keys to Uncovering Cybersecurity's Serious Password Problem
Online and Mobile Safety Respected security consultant Frank Abagnale, Jr. offers three compelling reasons why everyone should pay more attention to their log-in habits, and why we should consider graduating from passwords all together.
For the vast majority of internet users who use the same password, their identity and personal information is low hanging fruit for criminals who make off with unwitting victims’ sensitive and valuable information every day.
Most users rely on passwords to access the majority of websites they frequent, but there’s a limit to how many unique or complex passwords they seem willing to use, and nobody wants to refer to a spreadsheet for every log-in. Here are three reasons why that’s a lucrative dilemma for criminals.
1. The increasing elegance of cyberattacks
Up to 85 percent of businesses suffer phishing attacks, and this figure is expected to climb. As these lures for sensitive data become more professional, a higher percentage of victims will be reeled in. These exploits impact thousands of people who never expected — and may never even know — that they were “phished.”
2. The impending domino effect
Using the same or similar passwords for many websites only increases the places that can be breached. You become a prime target for cyberattacks, and, with minimal effort, criminals have access to bank accounts, loyalty programs, health records — any information you protect with the same password.
3. The likelihood of forgetting
Sidestepping the password problem by requiring a new, unique password for each site or visit isn’t a solution. People just make up new passwords on the spot — ones they will forget. This is compounded when security questions are layered in. This is only a waste of the user's time. Criminals capitalize on this opportunity with phishing for “password reset” information, ultimately directing end users to a site where their data can be stolen.
So, what’s the solution when users hate passwords, adding more password requirements only adds frustration and password managers merely circumnavigate the issue?
It begins with moving past a reliance on passwords that, since the 1970s, hasn’t advanced much at all. That’s a lot of years for criminals to figure out how to cheat the system. If we want to stay a step ahead, passwords must be put to pasture and the new technologies that are readily available need their chance. If not, the danger isn’t going anywhere fast.