November 27, 2006 3:53 PM PST

Security from A to Z: Passwords

Passwords cause problems.

For the IT department, password management is a headache, with many hours devoted to carrying out password resets for forgetful users. There's also the plain old human laziness of using the same password for a range of logins, or even using "password" as a password. Passwords are only as good as their all-too-human owners, and even then a hacker using a keylogger, say, can make off with their secret.

roundup
The A to Z of security
Read the first part in our rundown of hot security topics, from antivirus to zero-day threats.

In business, the debate about how to encourage password best practice oscillates between teaching users to be "creative" in making passwords that are adequately complex, to telling users to write down passwords somewhere secure. People are also told to use password management software, so they don't resort to choosing easy words or using the same password for several logins.

But it's a losing battle, some experts say.

In May, Gartner analyst Jay Heiser said passwords are "fatally flawed" and can't stand up to "motivated attackers". The drive to develop new ways of authenticating users, such as two-factor authentication or human biometrics, is in part fuelled by awareness of the weakness of systems built on crackable password security.

Some have predicted that passwords will be replaced with biometrics or other technology in the long term. Just how far away that day is remains to be seen.

Natasha Lomas reported for Silicon.com in London.

See more CNET content tagged:
biometrics, password management, password, security

 

Join the conversation

Add your comment

The posting of advertisements, profanity, or personal attacks is prohibited. Click here to review our Terms of Use.

What's Hot

Discussions

Shared

RSS Feeds

Add headlines from CNET News to your homepage or feedreader.