top of page

How Safe Are Your Passwords?

IN TODAY’S WORLD, IT IS DIFFICULT TO REMEMBER THE MYRIAD OF PASSWORDS TO ACCESS ALMOST EVERYTHING WE DO. IT IS NO SURPRISE THAT MANY OF US CHOOSE TO SAVE OUR PASSWORDS ON OUR BROWSERS. HOW MANY OF US KNOW THOUGH, THAT TWO POPULAR WEB BROWSERS STORE PASSWORDS IN PLAIN TEXT?

There is a level of implied security when using the save passwords feature – many of us assume that the passwords would be salted or hashed. This however, is not the case. Storing passwords in plain text means that anyone with access to the user’s computer will have access to all passwords saved on the browser. If employees are storing company passwords on their home or work browsers, sensitive company data may be compromised.

As more and more software systems, web applications and devices require authentication, users end up with a never ending list of user accounts and passwords. Every web application and system uses its own unique method of authentication with their own rules. “As an end user, the number of passwords we need to remember can become quite frustrating; so when presented with the option to let the computer deal with the problem, many of us accept it without giving it a second thought,” commented Kareem Tawansi, CEO of software development provider, Solentive Software.

As there are so many passwords to create and remember, many of us re-use the same set of passwords across different sites and applications. This common practice makes it easier for someone to gain unauthorised access to almost all applications and sites used. Furthermore, many systems use email accounts to retrieve or reset forgotten passwords. If someone is able to gain access to your email account, then they will have the power to reset all your passwords, locking you or your organisation out of your own email account and any other account that you own.

Unfortunately, the internet is crawling with people waiting for the opportunity to gain access to any information they can. However, by following some simple rules, you can help yourself and your organisation stay safe and secure online:

  • Reduce the number of user accounts you have and, where possible, use single sign-on which utilises existing user accounts

  • Protect your primary email password – this is the gateway to your online world and can be used to access almost all of your information

  • Keep your personal and professional worlds separate – don’t use the same personal password to access company data

  • Don’t save passwords in browsers, particularly company passwords

“Storing saved passwords is like writing your PIN down on a piece of paper and putting it in your wallet with your bank card. If you wouldn’t do that, then you shouldn’t save your passwords on your browser,” concluded Tawansi.

Additional Links

Statcounter Global Stats, 2013 – (Statcounter)

Comments


bottom of page