Password Security – the Joke of the Century
It looks like people finally seem to grasp the importance of password security. Passwords that contain numbers, letters (capital and lower case) seem to become the standard. The only unfortunate issue is that so many sites require passwords and some of these sites may require you to change the passwords periodically and it becomes almost impossible to remember all the different passwords for the various sites.
Somebody may say now: “So what, there for we have the password retrieval system.”. And this is were the problem is. These password retrieval systems use a question or phrase that is easy to remember. Like:
- What was the name of your first dog? This is an easy one to hack.
- What was the name of your first school? Except if you were not born in a country with a completely different language/alphabet (e.g. Hebrew, Arabian, Swahili, etc.) this one could also be fairly easy to crack with the right
tools. Also, many of us have their resume on-line on some blog or Internet job board or have personal and private information like this on a social networking site. So also not too difficult to crack.
I could go on and on now. The fact is that these password retrieval systems provide very week protection.
I wonder why nobody has come up yet with a bio-scan system, like using a finger print instead of a password. Many laptops and some of the keyboards today come with a built-in biometric scanner. OK, they may cost a few $$$ more, but I bet that price would come down pretty fast when biometric scanning for password recognition becomes the standard.
Another system I like is the system Bank of America (BofA) uses in order to access my account. If I log on from a computer other than mine, or if my computer’s cookies have been removed, BofA requires that a security code is sent via SMS to my cell phone. I then have 10 minutes to enter this security code to identify myself as the valid account owner. Only after I have identified myself I am presented with the opportunity to enter my password. Should I have forgotten my password there are several security layers I have to go through in order to change my password and to access my account. Some of these questions are very unique, like the amount of my last deposit. Combined with other questions I consider this a safe access control. Again, somewhat complicated and lengthy but SAFE.
Maybe someday we can have biometric password control or at least biometric password retrieval. Just think about all the other options that could be available using biometrics. It could replace all our credit and debit cards. Accounts are linked to your finger print or iris scan. Rather then paying with a credit or debit card, you put a finger of your choice on a scanner and a screen gives you the option which account you would like to use, maybe with the account balance right next to it. So you never overdraw an account.
For me it seems to be a win-win situation for us the consumer and the banks.
Let me know what your thoughts are about this.
Like
Leave a Reply