Free Newsletter
Register for our Free Newsletters
Newsletter
Zones
Access Control
LeftNav
Alarms
LeftNav
Biometrics
LeftNav
Detection
LeftNav
Deutsche Zone (German Zone)
LeftNav
Education, Training and Professional Services
LeftNav
Government Programmes
LeftNav
Guarding, Equipment and Enforcement
LeftNav
Industrial Computing Security
LeftNav
IT Security
LeftNav
Physical Security
LeftNav
Surveillance
LeftNav
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
 
News

Hints File Vulnerability in Windows Puts Safety Of Passwords Into Question

SecurEnvoy : 29 August, 2012  (Technical Article)
SecuEnvoy states the case for Two-Factor Authentication (2FA) in light of vulnerability of password hints file on the Windows 7 and 8 Operating Systems
Hints File Vulnerability in Windows Puts Safety Of Passwords Into Question


Commenting on reports that hackers can now gain ready access to the password hints file(s) on Windows 7 and the upcoming Windows 8 platform, SecurEnvoy says this is just another example of how the integrity of passwords has become seriously eroded in recent years.

According to the company’s technical director, Andy Kemshall, it is thanks to security faux pas in the many millions of lines of code that goes to make up an operating system and/or major program suite these days – coupled with the ability to brute-force millions of passwords per second  – that passwords are proving that they are often the weakest link.

“It’s ironic that this story should have broken just a few months before Windows 8 – Microsoft’s next-generation and apparently secure-enhanced operating system – is formally released. This news story does not fill me with enthusiasm to rush out and upgrade, but it does encourage me to look more seriously at how I secure my desktop and laptop computer against prying eyes,” he said.

“If passwords just don’t do the job, then people have to turn to multi-factor authentication to help protect themselves. Unfortunately, as a growing number of users of online banking have discovered in recent years, it’s a real pain having to tote a hardware token around with you all the time, especially when you find that - when you really need to check your bank account - you don’t have the token with you,” he said.

“It’s for this reason that we have developed our tokenless (2FA) technology, using mobile phones to ensure that – even if hackers do gain access to a passphrase hint file – those online sessions defended by tokenless (2FA) remain 100 per cent protected,” he added.

The tokenless (2FA) specialist’s technical director went on to say that, as computing power and ingenuity increases in the future, these (lack of) security issues will almost certainly raise their ugly heads with increasing frequency.

Bookmark and Share
 
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
 
   © 2012 ProSecurityZone.com
Netgains Logo