Beware the Password Paradigm

Governments and commerce alike are being warned that passwords are the easiest way for hackers to enter a system. And the safer you make them the easier they can be to crack.

By David Cass. Published June 4, 2002

If you own or manage a business you would be well advised to make a note of the following phrase – PASSWORD PARADIGM.

It has been attracting interest throughout the region this past week as IT professionals and government officials attended the second ITP e-government roadshow in Dubai, Abu Dhabi, Riyadh and Amman. Basically, it describes a situation in which passwords to computer systems become so secure that they themselves become a security threat!

Confused? Read on….

According to the managing director of the Com Guard e-security firm, Herbert Kamensky, the passwords we all use for our PCs, internet access and both personal and corporate applications are the easiest point of entry for hackers to attack our home systems or corporate networks.

“There are readily available programmes which will crack 80% of six-letter passwords in minutes. They can check hundreds of thousands of combinations every second,” he reveals to his audiences.

A recent report on the CNET internet site confirmed that 89% of Fortune 100 corporations in the USA had been hacked in this way.

Kamensky tells his audiences that the easiest targets are six-letter passwords based on names or anniversaries. The answer, according to the IT boffins, is ever-more complicated passwords, which combine capital and lower case letters, numerals and special characters like * or #.

According to Com Guard, your computer can nowadays be considered ‘reasonably secure’ only with a ten-digit code that incorporates all of the features above.

Have you ever tried using one? Can you remember it?

No. So what do you do?

According to Kamensky, you write it down and leave it somewhere ‘safe’. “You would not believe what I find when I survey some corporations,” says the amiable Austrian, “Some people even tape them on their computer screens! More often than not the password is somewhere around the worker’s desk, in a drawer or under the mouse mat.”

And THAT is the Password Paradigm – as soon as you commit your ‘unbreakable’ password to paper it becomes even less secure than a poorly constructed password.

The banking sector is among the best for offering their customers security – but even that resorts to paper. “Your bank will give you a well constructed, secure, password which will only be known to you and to the bank. But they tell you to change it as soon as possible so that only you know what it is,” he says. “What do we do? Well, most of us change it to a password we can remember – and bang goes your security!”

“Happily,” he says, “there are better options available to those developing the region’s e-government infrastructure, which will give citizens and other users more security and confidence in the systems and therefore less resistance to the concept.”
