Free Newsletter
Register for our Free Newsletters
Newsletter
Zones
Access Control
LeftNav
Alarms
LeftNav
Biometrics
LeftNav
Detection
LeftNav
Deutsche Zone (German Zone)
LeftNav
Education, Training and Professional Services
LeftNav
Government Programmes
LeftNav
Guarding, Equipment and Enforcement
LeftNav
Industrial Computing Security
LeftNav
IT Security
LeftNav
Physical Security
LeftNav
Surveillance
LeftNav
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
 
News

Hell Pizza Breach Demonstrates Problems With Password Based Security

Gridsure : 26 July, 2010  (Technical Article)
GrIDsure comments on the use of passwords as a potential security point of failure using the Hell Pizza incident as an example
Stephen Howes, CEO/CTO of GrIDsure comments on the potential Hell Pizza security breach:

"The potential security breach of Hell Pizza yet again exposes the inherent frailty of passwords as a method of authentication and illustrates the risk of using the same password for numerous websites and online banking. However, users really aren't to blame because recommended 'strong passwords' are just not very easy to remember, especially when you are advised to use a different password for every web-site you visit. This is clearly highlighted by the 'forgot my password' feature present on the password login screen.

"Every day millions of people log in to a variety of internet sites, from banks and social networks to on-line shopping portals, using a username and password combination. The owners of these sites have chosen this method of authentication in the misguided view that it is cheap and offers a good level of security. In reality, it is neither. Passwords can be compromised through various forms of attack, including shoulder-surfing, key-logging and screen-scraping.

"In order to genuinely improve security, organisations need to abandon login systems based on fixed passwords and PINs and replace this flawed method of authentication with a one-time passcode method. By making this change, organisations will reduce cases of data loss and identity theft while also saving money and improving customer satisfaction to boot."
Bookmark and Share
 
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
 
   © 2012 ProSecurityZone.com
Netgains Logo