I use passwords a lot. I have different types of passwords: strong, mega strong and paranoid strong. Some I can remember, some I can’t, and it drives me mad sometimes. Whether you like passwords or not, single-factor authentication (SFA) – also called single-password authentication – is one of the most common first lines of defense used by online systems to protect applications and data against unauthorized access.

Single-password authentication remains one of the most common attack vectors used by cyber-criminals to break into online systems. My view is that single-password authentication should be banned worldwide. All publicly accessible online systems that still rely on a single password should be forced to use at least one form of strong multi-factor authentication (MFA).

The growing threat of phishing, ransomware, and advanced persistent threats (APTs)

With the rapidly growing number of sophisticated cyber-attacks, such as phishing and ransomware, SFA has had its day. One way to fight back is strong MFA: it must be widespread and treated as the most basic authentication mechanism, not an optional extra. Unfortunately, many service providers and organizations still rely on SFA as their preferred method of authentication for internet-facing systems. This is very bad. Here are five reasons why.

1. Humans are naturally “lazy” when it comes to passwords

When we are challenged to create a password, we often choose something we can remember easily. That usually leads to a weak password.

Password generator software can help create very strong passwords. However, many online systems still do not enforce strong password policies, which means users can get away with creating very weak passwords.

2. Computing power is increasing dramatically

Password-cracking tools are getting more powerful. With the dramatic increase in computing power, in particular cheap GPUs, these tools are now widely used by cyber-criminals to guess and break passwords quickly by brute force and by dictionary attack with mangling rules. Quantum computing will add to this pressure: Grover’s algorithm gives a quadratic speed-up for brute-force search, which roughly halves the effective bit-strength of a password hash. It does not, however, make a long random password breakable in a short period of time; what it does is bring weak and medium-strength passwords within reach even sooner.

3. Some service providers still store passwords unencrypted or weakly hashed

We hear in the news every day about online systems being breached and personal information stolen. One well-known case is LinkedIn: the password database stolen in 2012 held unsalted SHA-1 hashes, which were cracked in bulk once it circulated. By stealing millions of passwords, cyber-criminals gain real-world data they use to build better wordlists and mangling rules that crack other people’s passwords much faster.
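The following is an added example, not code from the article or from LinkedIn, showing why an unsalted SHA-1 database is so cheap to crack and what a properly salted, memory-hard store changes. The accounts, passwords and wordlist are constructed for the demo; the scrypt cost is lowered so it runs in seconds.

```python
import hashlib
import hmac
import os

# Constructed sample accounts (not real leaked data). The weak store below
# keeps unsalted SHA-1 hashes, the scheme LinkedIn used when its database
# was stolen in 2012.
USERS = {
    "alice": "letmein",
    "bob": "password1",
    "carol": "Tr0ub4dor&3",   # not reachable from the wordlist below
    "dave": "summer2016",
    "erin": "letmein",        # same password as alice
}

# Constructed attacker wordlist plus one trivial mangling rule. Real attacks
# use lists with hundreds of millions of entries and large rule sets.
WORDLIST = ["password", "letmein", "summer", "qwerty", "welcome"]


def mangled(words):
    """Yield each word, then word+digit, then word+year (14 guesses per word)."""
    for w in words:
        yield w
        for d in range(10):
            yield f"{w}{d}"
        for y in (2016, 2017, 2018):
            yield f"{w}{y}"


def weak_store(users):
    """Unsalted SHA-1: equal passwords give equal hashes, and one table of
    guess hashes can be compared against every account at once."""
    return {u: hashlib.sha1(p.encode()).hexdigest() for u, p in users.items()}


def crack_unsalted(store, guesses):
    """Cost is one SHA-1 per guess regardless of how many accounts leaked."""
    table = {hashlib.sha1(g.encode()).hexdigest(): g for g in guesses}
    return {u: table[h] for u, h in store.items() if h in table}


# scrypt cost parameters, lowered for a quick demo (raise n, and pass maxmem,
# in production).
SCRYPT = dict(n=2**14, r=8, p=1)


def strong_store(users):
    """Per-user random salt + memory-hard scrypt: no shared table is possible
    and each guess must be recomputed for every account."""
    out = {}
    for u, p in users.items():
        salt = os.urandom(16)
        out[u] = (salt, hashlib.scrypt(p.encode(), salt=salt, **SCRYPT))
    return out


def verify_strong(store, user, password):
    salt, stored = store[user]
    cand = hashlib.scrypt(password.encode(), salt=salt, **SCRYPT)
    return hmac.compare_digest(cand, stored)   # constant-time compare


def crack_salted(store, guesses):
    """Same guesses against the salted store. Returns (cracked, scrypt calls):
    the salt forces O(accounts x guesses) slow hashes instead of O(guesses)."""
    guesses = list(guesses)
    cracked, work = {}, 0
    for u, (salt, stored) in store.items():
        for g in guesses:
            work += 1
            if hmac.compare_digest(hashlib.scrypt(g.encode(), salt=salt, **SCRYPT), stored):
                cracked[u] = g
                break
    return cracked, work


if __name__ == "__main__":
    weak = weak_store(USERS)
    print("alice and erin share a SHA-1 hash:", weak["alice"] == weak["erin"])
    print("cracked (unsalted SHA-1):", crack_unsalted(weak, mangled(WORDLIST)))
    strong = strong_store(USERS)
    print("alice and erin share a scrypt hash:", strong["alice"][1] == strong["erin"][1])
    found, work = crack_salted(strong, mangled(WORDLIST))
    print(f"cracked (salted scrypt): {found} after {work} scrypt calls")
```

The same four weak passwords fall either way; what the salt and the slow hash change is the price per account. Against SHA-1 the attacker hashes the wordlist once and reads off every matching account; against scrypt each guess is recomputed per account and costs memory as well as time, which is what makes a leaked database survivable.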

4. Password renewal frequency

One way to keep a password safe is to change it on a regular basis, and many online systems enforce this to strengthen security. However, forcing users to change passwords too frequently leads to password fatigue. Unless strict password policies are enforced, users will often re-use previous passwords for convenience, or make only a trivial change such as bumping a trailing digit.
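Reasons 1 and 4 both come down to the system not enforcing a policy. The following is an added example, not code from the article, of the checks a registration or password-change endpoint would run: minimum length, a denylist of common passwords, no username inside the password, and a salted-hash history that rejects both exact reuse and the “Winter2016 to Winter2017” style of rotation. The denylist and the test passwords are constructed for the demo.

```python
import hashlib
import hmac
import os
import re

MIN_LENGTH = 12
HISTORY_DEPTH = 5          # reject any of the user's last five passwords

# Constructed denylist. A real deployment checks against a breached-password
# corpus with hundreds of millions of entries, not a handful of strings.
COMMON_PASSWORDS = {"password", "password1", "123456", "qwerty", "letmein",
                    "welcome", "iloveyou", "summer2016"}


def _hash(text, salt):
    # scrypt cost lowered for the demo; raise n (and pass maxmem) in production
    return hashlib.scrypt(text.encode(), salt=salt, n=2**14, r=8, p=1)


def _stem(password):
    """Lower-case the password and drop trailing digits/punctuation, so
    'Winter2016!' and 'Winter2017!' reduce to the same stem 'winter'."""
    return re.sub(r"[\d\W_]+$", "", password).lower()


class PasswordHistory:
    """Salted hashes of a user's previous passwords (and of their stems), so
    reuse and trivial rotation can be detected without keeping plaintext."""

    def __init__(self, depth=HISTORY_DEPTH):
        self.depth = depth
        self.entries = []   # (salt, full_hash, stem_hash), newest last

    def add(self, password):
        salt = os.urandom(16)
        self.entries.append((salt, _hash(password, salt), _hash(_stem(password), salt)))
        self.entries = self.entries[-self.depth:]   # keep only the newest `depth`

    def match(self, password):
        """Return 'exact', 'variant' or None."""
        if any(hmac.compare_digest(_hash(password, s), f) for s, f, _ in self.entries):
            return "exact"
        stem = _stem(password)
        if stem and any(hmac.compare_digest(_hash(stem, s), h) for s, _, h in self.entries):
            return "variant"
        return None


def check_password(username, password, history):
    """Return the list of policy violations; an empty list means accepted."""
    problems = []
    if len(password) < MIN_LENGTH:
        problems.append(f"shorter than {MIN_LENGTH} characters")
    if password.lower() in COMMON_PASSWORDS:
        problems.append("appears in the common-password list")
    if username.lower() in password.lower():
        problems.append("contains the username")
    kind = history.match(password)
    if kind == "exact":
        problems.append(f"matches one of the last {history.depth} passwords")
    elif kind == "variant":
        problems.append("is a trivial variant of a previous password")
    return problems


if __name__ == "__main__":
    history = PasswordHistory()
    history.add("CorrectHorse2016")
    for candidate in ["CorrectHorse2016", "CorrectHorse2017", "alice123",
                      "Password1", "battery staple horse"]:
        print(f"{candidate!r}: {check_password('alice', candidate, history) or 'accepted'}")
```

Storing the stem hash is the part most policies miss: without it, a user forced to rotate every 90 days simply increments the year and the “new” password is as guessable as the old one.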

5. Password fatigue

Too many passwords, too many online systems: users are feeling the password fatigue. Many organizations are implementing single sign-on (SSO) so that users log in once with a single password and then gain access to several online systems through a chain of trust. However, if the initial password used to gain access is weak, every system in that chain is weakened with it.

Preventing unauthorized access with strong MFA

In summary, single-password authentication remains one of the most widely used mechanisms for protecting online systems against unauthorized access. Relying on it alone is bad practice, and I argue that it should be banned completely. All online systems accessible from the internet should be required to use strong MFA; this would greatly reduce the rapidly growing number of cyber-attacks worldwide.

Marco Essomba | Founder of iCyber-Security