·Time Warner Cable
|reply to Kilroy |
Re: P@$$1234: the end of strong password-only security
said by Kilroy:I completely agree with that.
I would conclude by saying it doesn't matter how strong your password is, if the entity you are using it with fails to protect it. In reality, it isn't user passwords that are the problem, it is the leaked/stolen passwords that were entrusted to the people requiring a password.
I completely disagree with:
"Deloitte predicts that in 2013 more than 90 percent of user-generated passwords, even those considered strong by IT departments, will be vulnerable to hacking."
I'll stand by:
"Snowy predicts that if Deloitte had factored in (or left in) account lockout policies their "90 percent" would drop to less than 5 percent."
Why?: Because if the Deloitte study was about hacked password files & they failed to mention that they'd be guilty of more than just sensationalism.