Home
Internet
Internet News
' fatigue' haunts Internet masses

' fatigue' haunts Internet masses 5x145k

By Agence -Presse | Updated: 25 June 2013 09:38 IST

ment

Looking for a safe ? You can give HQbgbiZVu9AWcqoSZmChwgtMYTrM7HE3ObVWGepMeOsJf4iHMyNXMT1BrySA4d7 a try. Good luck memorizing it.

Sixty-three random alpha-numeric characters in this case, generated by an online generator are as good as it gets when it comes to securing your virtual life.

But as millions of Internet s have learned the hard way, no is safe when hackers can, and do, pilfer them en masse from banks, email services, retailers or social media websites that fail to fully protect their servers.

And besides, with technology growing by leaps and bounds, why does the name-and- formula a relic of computing's Jurassic era remain the norm?

"The incredibly short answer is, it's cheap," said Per Thorsheim, a Norwegian online security expert and organizer of sCon, the world's only conference dedicated to s, taking place in Las Vegas in July.

"If you want anything else if you want some kind of two-factor authentication that involves using a software-based token, a hardware-based token or biometric authentication -- you need something extra," he told AFP.

"And that will cost you extra money."

Back in the beginning, it was all so easy.

The very first computers were not only room-sized mainframes, but also stand-alone devices. They didn't connect to each other, so s were needed only by a handful of operators who likely knew each other anyway.

Then along came the Internet, binding a burgeoning number of computers, smartphones and tablets into a globe-girdling web that required some virtual means for strangers to identify each other.

s have thus proliferated so much that it's a daily struggle for s to cope with dozens of them and not just on one personal computer, but across several devices.

There's even a name for the syndrome
fatigue.

"People never took s very seriously, and then we had a number of really big breaches," said Marian Merritt, Internet security advocate for software provider Norton.

"As people are increasingly accessing websites from smartphones and tablets, typing s is becoming an ever bigger pain," added Sarah Needham of Confident Technologies, developers of a picture-based alternative.

In a 24-nation survey in 2012, Norton found that 40 percent of s don't bother with complex s or fail to change their s on a regular basis.

Rival security app firm McAfee says its research indicates that more than 60 percent of s regularly visit five to 20 websites that require s, and that a like-sized proportion preferred easy-to-use s.

The most popular s, infamously, are "" and "123456," according to Mark Burnett, whose 2005 book "Perfect : Selection, Protection, Authentication" was among the first on the topic.

Biometrics are coming
Carl Windsor, director of product management at California-based network security firm Fortinet, said he once ran John the Ripper, a free program to crack s, through an employer's Unix system with its consent.

Within seconds, Windsor had one-third of its s. Within minutes, he had another third. "I also won a bet by finding the 'super secure' of a colleague in less than five minutes," he told AFP by email.

alternatives are in the pipeline.

Google is toying with the idea of s tapping their devices with personalized coded finger rings or inserting unique ID cards called Yubikeys into the USB ports of their computers.

The FIDO Alliance, a consortium that includes PayPal, is pushing an open-source system in which, for instance, websites would ask smartphone s to identify themselves by placing their fingertips on their touchscreens.

"These (biometric) technologies are coming to a place where they are highly mature, cost effective and in a position to roll out into the consumer market today," FIDO's vice president Ramesh Kesanupalli told AFP.

Kesanupalli said FIDO technology could be available as early as this year, bettering IBM fellow David Nahamoo's prediction in 2011 that biometrics would replace s within five years.

In Washington, the US Patent and Trademark Office has recently published several patent applications from Apple that envision facial recognition and fingerprint scanning.

Motorola's head of research Regina Dugan has gone further, proposing a " pill" with a microchip and a battery that would be activated by stomach acid. The resulting signal would emit an unique ID radio signal.

"I take a vitamin every morning. What if I take vitamin authentication?" said Dugan at the D11 tech conference in California in May, quoted by TechWeekEurope.co.uk.

For now, many Internet services are embracing two-factor authentication, that challenges s with a bonus security question like "What is your dog's name?" or emits a one-use-only numeric code via SMS messaging.

Online managers with names like Last, Kee, 1, Dashlane and Apple's just-announced iCloud Keychain have also been popping up like mushrooms.

They pledge to securely stash an individual's entire collection, accessible via one master . Some experts, however, consider the idea a Band-Aid solution pending the definitive replacement.

Until then, security experts widely agree on two core principles: make your s as long as possible, mixing up words with some numbers and symbols, and never ever use the same for more than one website.

Beyond that, just cross your fingers and pray that the website you're using is doing all it can at its end to protect the mental keys to your virtual world.

Comments

For the latest reviews, follow Gadgets 360 on X, Facebook, WhatsApp, Threads and Google News. For the latest videos on gadgets and tech, subscribe to our YouTube channel. If you want to know everything about top influencers, follow our in-house Who'sThat360 on Instagram and YouTube. 86738

Further reading: fatigue