The public and businesses need to “drop passwords altogether” and move to other technology to protect personal information from hackers, a cybersecurity expert has said.
Marking World Password Day today, Grahame Williams, identity and access management director at defence firm Thales, said passwords were “becoming increasingly insecure” and “easily hacked”.
He called on the industry to move to other forms of log-in such as multi-factor authentication (MFA) – where users must provide an additional layer of identification to log in – or biometrics such as face or fingerprint scans to improve the general safety of personal data.
Williams said a key issue was the widespread use of simple and easy-to-guess passwords.
Data shows that common and obvious phrases such as “password” and “qwerty” – in reference to the common computer keyboard layout – are often among the most used passwords globally.
“Research has come out in the last few days showing the number of CEOs who are still using ‘12356’ as their password is actually quite comical – the assumption is that we’ve moved away from that but actually the data really isn’t supporting that,” he said.
“We know that people are using these ridiculously easy passwords, but the most alarming fact is that they’re not actually just using them for one thing, they use that password over and over again.
“So if somebody gets access to one of your passwords they get access to your crown jewels.
“With everyone working from home, with Covid and people going online for the consumption of everything, the threat landscape is getting worse and worse, and there are some seriously unscrupulous people out there.
“So it really is in everyone’s interest to take it seriously and make sure that we put as many hurdles up as we can.”
Experts advise people who are creating a password to use a collection of three unique, random words and not to reuse them across multiple accounts.
But Williams said where possible, platforms should introduce other ways for people to log in and users should strive to use them.
“Whereas passwords are really easy to guess, actually being able to use something which is unique to you – like your face or fingerprint – is obviously the logical step for us to take,” he said.
“We would recommend that everyone – whether consumer or private – starts utilising these technologies.
“Our standpoint on this is there’s no reason why you should have to still use passwords and we should all be looking to really push forward.”