Free Newsletter
Register for our Free Newsletters
Newsletter
Zones
Access Control
LeftNav
Alarms
LeftNav
Biometrics
LeftNav
Detection
LeftNav
Deutsche Zone (German Zone)
LeftNav
Education, Training and Professional Services
LeftNav
Government Programmes
LeftNav
Guarding, Equipment and Enforcement
LeftNav
Industrial Computing Security
LeftNav
IT Security
LeftNav
Physical Security
LeftNav
Surveillance
LeftNav
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
 
News

One-Time Password Can Provide Improved Protection To Web-Based E-Mail

PinPlus : 03 June, 2011  (Technical Article)
Pinplus comments on the recent Google hacks and comments on the use of one-time passwords as a method of limiting the damage of such accounts being compromised

A UK online security specialist believes the hacking of US officials’ accounts by suspected Chinese experts could easily have been prevented - if services like Google mail would only make a tiny change to their systems.


Jonathan Craymer, MD of password replacement specialist PinPlus says changing to “one-time” passwords – in place of standard fixed ones – would solve the problem in one.


He says: “High traffic sites like Google, Facebook, Twitter and others used by millions across the globe keep putting their heads in the sand over this problem, but it’s never going to go away. Fixed passwords are dead, out-dated and insecure and have become the hackers’ friend. Yet it would be so easy for the owners of these sites to add far greater security with one-time passwords, which change every time.”


The pin+ system provides users with new sets of numbers to log in with each time. Hackers would not be able to use the codes again, as they only work once. The codes are delivered to users via the login web page, and do not require additional hardware to be carried or software to be installed on devices.


So called ‘spear phishing’ attacks, where users are tricked into giving away their passwords, simply would not work with pin+ one-time pass-codes.


Craymer added: “I’m calling on users to stand up and be counted, and insist on being given one-time code facilities. This could be provided for a few pence per user per year and would revolutionise security. Yet if users don’t make a fuss, it appears the big online services won’t ever get off their back-sides and make this simple little change, which would defeat so much hacking and online fraud.”

Bookmark and Share
 
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
 
   © 2012 ProSecurityZone.com
Netgains Logo