Why you don’t need long, complex passwords

InfoWorld - Current Password AdviceWith the recent celebrity nude photo scandal where hackers targeted celebrities cloud storage accounts, our favorite IT Industry news resource InfoWorld has published another good article about this topic. This article talks about how current advice to have long complex passwords is useless now even though the Author (Rodger Grimes) recommended it and we also recommended it to our San Francisco Bay Area clients a few years ago. In the article, Grimes explains how most attacks where hackers get access to information is from “phishing attacks” and “credential database theft”. Funny enough, there are still people who click on those phishing emails and enter their Login information when asked to. The larger cause for hackers getting user login information has to do with credential database theft which is when a hacker breaks into a website or a database.  I believe hackers are able to access a database because they are able to use a users password to break into the website.

The article discusses how you can better educate your end-users about phishing attacks, utilize anti-phishing tools and implement better protection of your website/database with such technologies as Two Factor Authentication.

To read more about this, please go to the following InfoWorld article written by Rodger Grimes:http://www.infoworld.com/d/security/why-you-dont-need-long-complex-passwords-249530?page=0,0

Leave a comment