Password security on websites is becoming increasingly important as cybercriminals become more advanced and brazen in their attacks. This morning I read a fascinating article about a new concept being developed called the popularity oracle. The general idea behind the concept is to monitor the popularity of passwords on a particular website, and when necessary, alert the user that they may want to select a different password that is not as common and therefore possibly more difficult to guess.
Current password guidelines suggest using a mix of lowercase letters, uppercase letters, numbers and symbols. These rules can be cumbersome and, as the developer interviewed pointed out, can still result in a popular password (for example: P@$$w0rd).
But how, you ask, could the popularity oracle be protected? And is this really a viable option moving forward for large-scale websites such as Hotmail and social networking sites like Facebook? These issues are all addressed in the interview, which I highly suggest reading.
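
To make the contrast concrete, here is an added example (not code from the article or the interview) that runs a composition-rule check and a popularity check against the same password. The class name, the keyed-HMAC counters, the 1% threshold and the sample population are all assumptions made for this illustration; the interview's actual design is not described on this page.

```python
import hashlib
import hmac
import re
from collections import Counter

# Hypothetical per-site secret, so counter keys are not plain password hashes.
SITE_KEY = b"constructed-demo-key"


def meets_composition_rules(password: str) -> bool:
    """Classic rule: 8+ characters with lowercase, uppercase, digit and symbol."""
    classes = (r"[a-z]", r"[A-Z]", r"[0-9]", r"[^A-Za-z0-9]")
    return len(password) >= 8 and all(re.search(c, password) for c in classes)


class PopularityOracle:
    """Counts how often each password is chosen and flags the common ones."""

    def __init__(self, max_share: float = 0.01, min_total: int = 100):
        self.max_share = max_share  # largest share of users allowed on one password
        self.min_total = min_total  # make no judgement until enough samples exist
        self.counts = Counter()
        self.total = 0

    def _tag(self, password: str) -> bytes:
        # Keyed tag: the table never holds the password or an unkeyed hash of it.
        return hmac.new(SITE_KEY, password.encode("utf-8"), hashlib.sha256).digest()

    def is_too_popular(self, password: str) -> bool:
        if self.total < self.min_total:
            return False
        return self.counts[self._tag(password)] / self.total > self.max_share

    def record(self, password: str) -> None:
        self.counts[self._tag(password)] += 1
        self.total += 1


def build_demo_oracle() -> PopularityOracle:
    # Constructed sample population: 1000 users, 40 of whom chose "P@$$w0rd".
    oracle = PopularityOracle()
    for i in range(960):
        oracle.record(f"unique-choice-{i}")
    for _ in range(40):
        oracle.record("P@$$w0rd")
    return oracle
```

With this constructed population, `P@$$w0rd` passes the composition rules yet is rejected by the popularity check. The counter table is itself sensitive, since whoever holds it and the key learns which passwords are common, which is the protection question raised above and is not solved by this sketch.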