When passwords are the problem

Effective computer security is at an all-time premium, yet cybercriminals keep finding ways into corporate networks. Research shows that poor password maintenance is one of the ways in which people are helping out their own hackers. More than 90 percent of all user-generated passwords are vulnerable to cyberattacks in 2013, according to a report by Deloitte Technology, Media and Communications. Easy-to-guess passwords, forgotten passwords and a lack of proper encryption and authentication measures mean that companies and employees may be signing in to their own security breach.

While technology, security systems and, yes, cybercriminals have become increasingly clever and complex, password safety hasn't benefited from the same degree of enlightenment. Traditionally, the study reported, the standard has been a password of at least eight characters that incorporates mixed-case letters, a number and a non-alphanumeric symbol. Any program trying to find the right combination would take too long for password-breaking to be worth it. However, analysts concluded, this standard is no longer viable.

Revising the standard is difficult because it requires changes in human behavior. A security system is only as strong as its weakest link. The study found that there are 6.1 quadrillion possible password combinations using the standard eight-character key. However, humans struggle to remember random strings of letters, numbers and especially symbols.

"Users often create passwords that reference words and names in our language and experience," the study reported. Recognizable words, coupled with common password practices like capitalizing the first letter or putting numbers at the end, make passwords relatively easy for a smart program to guess.

In fact, when the study looked at six million actual user-generated passwords, it discovered that 98.1 percent of accounts could be accessed by the 10,000 most common passwords.
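The gap between the 6.1 quadrillion figure and a password built from a recognizable word plus the usual habits can be made concrete. The following is an added example, not part of the original article or the Deloitte study: a small audit check that tests a password against the traditional rule and estimates its effective search space. The 94-character alphabet, the five-word sample list and the "word, optional capital, up to four digits, optional symbol" model are assumptions chosen for illustration.

```python
import string

# Constructed sample wordlist (assumption); a real audit would load a large
# dictionary plus a list of known-breached passwords.
WORDLIST = {"password", "dragon", "monkey", "summer", "welcome"}
ALPHABET = 94  # printable ASCII without space (assumption; 94**8 is about 6.1e15)

def meets_traditional_rule(pw):
    """8+ characters with mixed case, a digit and a symbol."""
    return (len(pw) >= 8
            and any(c.islower() for c in pw)
            and any(c.isupper() for c in pw)
            and any(c.isdigit() for c in pw)
            and any(c in string.punctuation for c in pw))

def brute_force_space(length=8):
    """Candidates an exhaustive search over the full alphabet must cover."""
    return ALPHABET ** length

def habit_space(pw, wordlist=WORDLIST, max_digits=4):
    """Size of the 'dictionary word + habits' model if pw fits it, else None.

    Model (assumption): word, lowercase or first letter capitalised, then
    0..max_digits digits, then at most one symbol.
    """
    core = pw[:-1] if pw and pw[-1] in string.punctuation else pw
    word = core.rstrip(string.digits)
    n_digits = len(core) - len(word)
    habit_case = word in (word.lower(), word.capitalize())
    if n_digits > max_digits or not habit_case or word.lower() not in wordlist:
        return None
    digit_suffixes = sum(10 ** k for k in range(max_digits + 1))
    return len(wordlist) * 2 * digit_suffixes * (len(string.punctuation) + 1)

def audit(pw):
    """Report whether pw passes the rule and how small its real search space is."""
    space = habit_space(pw)
    return {"passes_rule": meets_traditional_rule(pw),
            "fits_habit_model": space is not None,
            "effective_space": space if space is not None else brute_force_space(len(pw))}

if __name__ == "__main__":
    for candidate in ("Password1!", "Dragon2013#", "q7#Lm2@x"):  # constructed samples
        print(candidate, audit(candidate))
```

A password can pass the composition rule and still fall inside a search space of a few million candidates, which is why a dictionary and breached-password check belongs alongside any length and character-class policy.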

Password negligence is a computer security hazard
Many passwords are hard to remember. VentureBeat's John Koetsier reported that 61 percent of people reuse passwords on different sites. Having more passwords than one can remember leads to a loss of productivity as they need to be reset, and security risks stem from instances in which corporate and personal usernames and passwords are stored together in one document. Poor password management contributed to 39 percent of all malicious hacking threats in 2012.

The Deloitte study recommended that companies use authentication best practices, including encryption of all stored sensitive data and multi-factor identification methods.

An SSL certificate is one of the authentication best practices. Protect your sensitive data in transit with one today.
