The Microsoft approach to security is not going to work, warns Secure Cloudlink.

Position::DATABASE AND NETWORK INTELLIGENCE: NEW DEVELOPMENTS
 
FREE EXCERPT

The Microsoft approach to security is not going to work, warns Secure Cloudlink. The Microsoft approach to passwords, which involves the creation of a list of passwords that users are forbidden to use with online accounts, is still not fit for purpose. This is according to Dave Worrall, CTO of Secure CloudLink, who argues that the inherent weaknesses presented by passwords are still being ignored.

Worral explains: "The current approaches to passwords, including Microsoft's new approach, still present vulnerabilities. The fact remains that even if a user creates a strong password, this alone will not be sufficient to protect it, due to the way they are stored and shared. Users can pick a series of complex passwords for different applications, which make them strong with regards to them being guessed. The risk is that if a site is hacked and the website or server doesn't store passwords in an encrypted format, then corporate data as well as personal details run the risk of being compromised. Even if passwords are encrypted, they can be stolen and the encryption cracked.

"What's more, although it's a positive sign that Microsoft is trying to bolster its security efforts, complex passwords are often inconvenient for users, which is why they are avoided in the first instance or why users forget them. As if this is not challenge enough, computing power...

To continue reading

REQUEST YOUR TRIAL