Could biometric features help prevent rise in password hacking?
17 January 2013
Posted by Samuel Couratin
As many as 90 per cent of user-generated passwords are at risk of being hacked, a Deloitte report predicts.
According to the organization, even combinations perceived to be strong by IT departments within businesses will be vulnerable in 2013.
The findings are part of Deloitte's top technology predictions of the year report, compiled by the technology media and telecommunications (TMT) practice at the firm.
As passwords become longer and increasingly more complicated, many people find it difficult to remember the information, Jolyon Barker, global lead for the Deloitte practice, said.
"Instead, an additional bit of identification can be used," he advised.
"It could be a password sent to a cell phone or smartphone, a physical device that plugs into a USB slot, or possibly be a biometric feature of the user," Mr Barker added.
Failure to implement adequate password protection could lead to losses of up to billions of dollars.
In addition to financial repercussions, a decline in confidence in internet transactions and reputational company damage could stem from increased cyber attacks, the report suggested.
In the future, additional forms of authentication are likely to be needed for high-value sites in particular, as the value of the data protected by passwords continues to grow and the number of hacking attacks increases.
Splashback, a password management application provider, suggested users create a password with a combination of letters and numbers - with at least one uppercase character - in order to make the combination more secure.
It also recommended avoiding obvious log-ins, such as the inclusion of a person's name and advised against using the same password for different sites.
Last year, the company published a survey of the worst passwords of 2012, which revealed some of the combinations most likely to be victims of breaches in the future.
It found that 'password' topped the list of easy-to-crack web log-ins used most often, with '123456' positioned second in the study.