Centrify Senior Director APAC Sales Niall King

Centrify, a leading provider of Zero Trust Security through the power of Next-Gen Access, today celebrates World Password Day by calling for the end of this outmoded form of protection.

World Password Day turns up annually on the first Thursday of May - as in today, May 3, 2018 - as a day to promote good security hygiene and password habits.

However, Centrify, a cybersecurity company whose products are used by more than half the Fortune 100 organisations in the US, warns people that passwords provide a false sense of security.

Centrify Senior Director APAC Sales Niall King said passwords fail to protect online resources. “The bottom line is that passwords are not doing the job they’re intended for,” he said.

“There’s ample evidence to support this fact, such as the 2017 Verizon Data Breach Investigations Report (DBIR) which states that 81 per cent of hacking-related breaches leveraged either stolen and/or weak passwords. So rather than celebrate World Password Day, we should treat it like an overly complicated password and just forget it - for five simple reasons.”

1/ Passwords do not protect your online assets

As demonstrated by the Verizon DBIR findings, passwords are a big part of the problem, not the solution for security. Relying on passwords alone to protect your online identity and assets is like trying to ward off a rainstorm with a sheet of paper - it’s just not up to the task.

2/ People are really bad at choosing passwords

Most people are poor at recalling complexity, so, as a result, we tend to choose dumb passwords that are easy to remember. For proof of this, just check out Time Magazine’s report on The Worst 25 Passwords of 2017, with the top five being:

  1. 123456
  2. Password
  3. 12345678
  4. qwerty
  5. 12345.

In case you’re curious, “login” was at place number 14.

3/ People don’t keep their passwords secure

Even if you’re one of those rare people who creates a complex string of random characters that is at least eight characters long, with upper and lower case letters, numbers and special characters, you have likely recorded it somewhere - such as a sticky note next to your monitor or in a Word or Excel file on your hard drive - which makes it as secure as a house key hidden under the welcome mat.

4/ People use the same password for multiple websites

Because strong passwords are hard to recall, we may remember one and use it repeatedly. The problem is that this approach to security is like the domino effect: Once one falls, they all go down.

5/ There are many more secure ways to protect yourself than passwords

You probably already use some of them, such as two-factor authentication - something you have and something you know - like the cashcard and PIN you use to access your bank’s ATM.

Or biometric identification, like the thumbprint that gives you access to your smartphone and authenticates your identity when you use your phone to make purchases.

If you run a business, then you can mandate identity and access management systems that reduce the risk of data breaches by using machine learning to identify abnormal access patterns.

Mr King said the best way to celebrate World Password Day was to kill off the password. “Let’s stop making it easy for attackers to steal our data,” he said.

“Instead of celebrating passwords, we should ditch them in favour new tools like two-factor authentication to better protect our online selves. It’s time to kill the password.”

Click here to read an executive summary about strengthening security by deploying two-factor authentication everywhere. For Centrify media assistance in Australia and New Zealand, call John Harris on +61 8 8431 4000 or email john@impress.com.au.

Click here to listen to Radio ABC Darwin's Lyrella Cochrane interview Niall King about the problem with passwords.

###

About Centrify

Centrify delivers Zero Trust Security through the power of Next-Gen Access. The Centrify Zero Trust Security model assumes that users inside a network are no more trustworthy than those outside the network. Centrify verifies every user, validates their devices, and limits access and privilege. Centrify also utilises machine learning to discover risky user behavior and apply conditional access — without impacting user experience. Centrify’s Next-Gen Access is the only industry-recognised solution that uniquely converges Identity-as-a-Service (IDaaS), enterprise mobility management (EMM) and privileged access management (PAM). More than 5000 worldwide organisations, including over half the Fortune 100 in the US, trust Centrify to proactively secure their businesses.

Centrify is a registered trademark of Centrify Corporation in the United States and other countries.  All other trademarks are the property of their respective owners.

Related News