It would seem that more and more people are now turning to superheroes to protect them online. Last month The Express published the top 25 passwords of 2014 and new entries included Superman (21) and Batman (24). Sadly, neither the Man of Steel nor the Caped Crusader are strong enough to thwart the attempts of someone determined to gain access to an online account.
As well as the ‘obvious’ passwords such as 123456 (which remains at the top of the ranking) it is no surprise that people draw on popular culture to create passwords that they can hopefully remember. I suspect the 2015 list will see an influx of references to the new Star Wars film that opens in December, but turning to C3PO or R2D2 with the mix of numbers and letters is still not enough.
If like me you are a fan of these movies then you will know how easy it is to go online and find huge amounts of information about the film way before it is released, despite the best efforts of the film company to keep things under wraps. The information they have has a value and when something has value it is vulnerable to attack. And, if someone is prepared to pay enough money there is a very good chance they will find someone on the inside that can be tempted to take the risk and trade secrets, oblivious or uncaring as to the consequences of their actions.
The truth is unlike Batman and Superman, who somehow manage to keep their true identities hidden (even if it is just by wearing a pair of glasses!), most of us are not very good at keeping a secret. The problem is passwords are based on the premise that two parties can keep a secret (after all how does a poll of the top 25 passwords get complied in the first place). Whilst the vast majority of us would never dream of trading passwords for financial gain, it is all too easy to let them slip in day-to-day life, whether writing them down, sharing the same password with a friend, colleague or family member, using the same password repeatedly and never changing it, or simply choosing our favourite superhero – unaware that everyone is doing the same.
It stands to reason that if we want to keep things of value safe from others, then we need to protect them using a secret that cannot be shared, even if someone felt compelled to do so. Today technology such as PINgrid negates the need for a password and delivers secure authentication that is both stronger and easier to use for all concerned.
For more information take a look at: https://authlogics.com/products/pingrid/