The Importance of Password Strength and Dual Authentication

In June of 2015, Telesign conducted a survey of 2000 consumers in the U.S. and the U.K. It found that around 40% had “a security incident” in 2014, meaning they had an account hacked, had a password stolen, or were given notice that their personal information had been compromised. It certainly does not help that 73% of the consumers surveyed use duplicate passwords, many of which have not been changed in five years or more.[1] However, along with a better approach to using stronger and unique passwords, two-factor authentication (sometimes called dual/multi-factor authentication or multi-step verification) can provide the needed protection. According to Symantec, 80% of cyber-breaches could be prevented by two-factor authentication. Two-factor authentication is an authentication method that makes multiple checks that an identity is legitimate.

A password is defined as a sequence of characters required for access to a computer system[2]. Within the context of cyber-security, the use of strong passwords is essential to securing online and user accounts. Most systems require a password for a user account. In 2012, Trustwave carried out an investigation of 300 breaches across 18 countries. They also analyzed the usage and weakness trends of more than 2 million real-world passwords used within corporate information systems. It was found that 80% of security incidents were due to the use of weak administrative passwords. Furthermore, the 2015 Trustwave Global Security Report revealed that, out of a sample of 499,556 hashed[3] passwords, experts cracked 51% within 24 hours and 88% within two weeks. This result was due to the high use of easy-to-guess passwords.

Weak passwords create risks that include, but are not limited to, identity theft, theft of intellectual property and pilfering of financial information. To minimize these risks, two-factor authentication has become a necessity and is now generally being adopted. Two-factor authentication combines two of the three possible methods: “something you know”, such as a password; “something you have”, such as a text message to your mobile phone; and “something you are”, such as your fingerprint. In fact, two-factor authentication has become mandatory within some organizations. According to the 2015 Telesign survey, 8 in 10 consumers are worried about their online security and 7 in 10 no longer trust passwords alone to protect their online accounts. Of those consumers surveyed, 68% said they want companies to provide an extra layer of security.

Wilson Consulting Group (WCG) provides policies and processes, and makes recommendations for planning and implementing viable solutions that will help you prevent the use of weak passwords and further vulnerabilities. Telesign discovered that 86% of people who use two-factor authentication feel their accounts are more secure.

We also educate and train employees on information security best practices. Education is only the first step, but a key one. The implementation and persistent reinforcement of well-constructed policies and procedures form part of a strong defense against cyber-criminals.

[1] https://www.telesign.com/resources/press-releases/report-70-percent-of-consumers-are-losing-faith-in-passwords-want-additional-account-security/

[2] https://www.merriam-webster.com/dictionary/password

[3] http://searchsqlserver.techtarget.com/definition/hashing