New Advances In “Password” Technology

Every day someone is a victim of some form of identity theft.  Whether it be someone as simple as accessing your Facebook that you left logged in on a public computer or someone gaining access to your credit or debit card and running up purchases.  The biggest hole in the entire process is the human element.  The majority of people make passwords something extremely easy to remember or use the same thing throughout multiple sites.  Im guilty of using certain passwords for not the most secure sites, but I do use another for banking, email, and other high priority sites.  What is new on the horizon when it comes to cyber security?

Walking For Security?

According to Privacy and American Business, 1 out of 5 Americans have fallen victim to some form of identity theft.  The real figures are extremely hard to determine due to the credit card companies slightly skewing the numbers as to not cause a panic and make it seem their business model is still relevant.  Numbers reported by most credit card companies range in the hundreds of thousands a year while most security professionals look to the number to be in the millions.  I can believe that the number is so high based on how the majority of Americans create their passwords.  One out of every ten people use 1234 as their debit card PIN.  That means, if you find ten debit cards in your life on the street, one of them you could use and access all of the funds of that person.

A little while ago this year, 6.5 million LinkedIn passwords were leaked as well as the hacking of Yahoo and eHarmony lead to the posting of thousands of login and password credentials.  Found throughout this entire fiasco, authorities noted the top ten passwords for Yahoo.com loggers.  123456, password, welcome, ninja,  abc123, 123456789, princess, sunshine, 12345678, and 0 where the top ten discovered from the list.  You don’t even need a brute force attacker for these, you can guess the majority of them and since most people use the same password for multiple sites, all a hacker needs to do is confirm that one of these work for your Yahoo account and they may have much more at their fingertips.  If you belong to any of these sites, especially if you have a weak password, I would advise changing your password to something a little more complicated.  The best defense against a brute force or “guessing” attack is to choose two random words and put them together for your password, like “BarbequeRake”.  But every password can be figured out eventually so what is on the horizon?

Well we have all heard of biometric security such as eye scanners or finger print readers.  These currently do work but not 100% of the time as something as simple as dirty fingers could throw the scanner off.  We are currently also using vein printing machines in Brazil’s high crime areas which tracks blood flow patterns in an individuals hand to combat identity theft.  Most credit card companies use behavioral scanning on purchases.  Say you usually buy things in Illinois but your card is used locally in Florida, it sets off an alarm.  But now there is research going into all kinds of new security techniques such as keystroke mapping(recognition of keyboard patterns) and voice recognition.  Even if you password protect your cell phone and loose it, eventually someone could crack it or bypass it.  It would be significantly harder to crack a voice recognized unlocking phone than a standard password.

Researchers and students at Carnegie-Mellon University and Autonomous ID are joining together to go a “step” further into personalized security.  They believe that the way people walk can be used as a unique identifier and with the use of a BioSole implanted in the user’s shoe, can analyze the individuals pace, distance, timing, and general walking characteristics to define a profile for that person.  If they are correct in their research, this could put a whole new twist on security in general as we know it.  Imagine just being able to walk up to your computer and it could log you in and give you a big “hello.”  The uses for this type of security are endless.  Automatic doors, elevators, computers, etc could all be wired into your feet and be able to tell who you are without any invasive scanning or image recognition.

Summary

So in overall conclusion, please -please – please make your password something a little more difficult than p@ssw0rd or 1234.  Random words strung together will make a very tough password to crack and its fun and easy to remember.  I know Ill never be able to forget “BaconRocket” any time soon.  Otherwise we may be going towards voice recognition software on our PCs or Macs just to access our daily web blogs or Stumble, and that sounds like a huge hassle.  Plus, I don’t feel comfortable with my computer scanning my hands/eyes/fingers, it feels creepy…..

So fellow commenters, any good password combinations like “TowtruckInternetWaffles”?  Of course make it ones you don’t plan on using.  Let me know below!