People and businesses should “eliminate passwords altogether” and move to other technology to protect personal information from hackers, a cybersecurity expert has said.
Grahame Williams, director of identity and access management at defense firm Thales, said passwords were “becoming increasingly insecure” and “easily hacked”.
He called on the industry to switch to other forms of login, such as multi-factor authentication (MFA), where users must provide an additional layer of identification to log in, or biometrics, such as fingerprint or facial scans, to improve overall security. of personal data
Williams said a key issue was the widespread use of simple, easy-to-guess passwords.
The data shows common and obvious phrases like “password” and “qwerty,” referring to the common computer keyboard layout, which are often among the most commonly used passwords globally.
“The research that has come out in the last few days showing the number of CEOs still using ‘12356’ as their password is actually quite comical – the assumption is that we’ve moved away from that, but in reality the data doesn’t really support that. .that,” he added.
“We know that people are using these ridiculously easy passwords, but the most alarming fact is that they’re not actually using them for just one thing, they’re using that password over and over again.
“So if someone gets access to one of your passwords, they get access to your crown jewels.
Three unique random words
“With everyone working from home, with COVID-19 and people going online to consume everything, the threat landscape is getting worse and worse, and there are some seriously unscrupulous people out there.
“So it’s really in everyone’s interest to take it seriously and make sure we put up as many roadblocks as we can.”
Experts advise people who are creating a password to use a collection of three unique random words and not to reuse them across multiple accounts.
But Williams said that where possible, platforms should introduce other ways for people to log in, and users should make an effort to use them.
“While passwords are really easy to guess, being able to use something that’s unique to you, like your face or fingerprint, is obviously the logical step for us to take,” he said.
“We recommend that everyone, whether consumer or private, start using these technologies.
“Our point of view on this is that there is no reason why you should continue to use passwords and we should all be looking to really move forward.”