Free Newsletter
Register for our Free Newsletters
Newsletter
Zones
Access Control
LeftNav
Alarms
LeftNav
Biometrics
LeftNav
Detection
LeftNav
Deutsche Zone (German Zone)
LeftNav
Education, Training and Professional Services
LeftNav
Government Programmes
LeftNav
Guarding, Equipment and Enforcement
LeftNav
Industrial Computing Security
LeftNav
IT Security
LeftNav
Physical Security
LeftNav
Surveillance
LeftNav
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
 
News

High Profile PayPal Hack Illustrates Password Security Flaw

Gridsure : 25 August, 2010  (Technical Article)
As another password based hack strikes online service users, GrIDsure discusses using one-time pass codes based on simple pattern recognition technology as an alternative to easily stolen PIN codes and passwords
Following the latest news that iTunes accounts linked to PayPal have been targeted by hackers, Stephen Howes, CEO of GrIDsure, the innovative alternative to PINs and passwords provides his thoughts.

"The embarrassing hack of PayPal/iTunes accounts once again highlights the weakness of fixed passwords and shows how vulnerable these services are to attack. It is clear that hackers are using increasingly sophisticated methods to steal account details yet amazingly these high profile brands just seem to shrug their shoulders and simply ask users to change their password. This does nothing to prevent the same thing happening again in the future and keeps playing into the fraudsters hands.

"If these online service providers want to stay at the forefront of industry innovation they must look at implementing more secure, easy-to-use and cost effective solutions such as software-based one-time passcode systems, which help avoid the embarrassment caused by attacks such as this and the associated loss of user confidence. These systems ensure that if a user inadvertently enters their details into a phishing site the fraudster cannot use the stolen password or PIN because it has already expired."
Bookmark and Share
 
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
 
   © 2012 ProSecurityZone.com
Netgains Logo