Passwords have 2 years left
Companies are "fiddling while Rome burns" by continuing to put their faith in passwords to guarantee user authentication, according to a Gartner analyst. Gartner advises that enterprises should plan now to beat the 2007 password 'breakdown'. Passwords will reach the end of their useful life in as little as two years, forcing organisations to rethink the way they secure their corporate IT systems.
By 2007, the analyst group predicts that 80% of organisations will have reached "password breaking point" and will have to turn to more sophisticated technology to protect their systems and data. Businesses need to put a roadmap in place now that will allow them to phase out passwords and replace them with more secure two-factor authentication, said Ant Allan, research vice-president at Gartner.
Speaking at the Gartner IT Security Summit at London's Royal Lancaster Hotel this week, Allan will warn that passwords are rapidly becoming unusable as organisations attempt to stay one step ahead of hackers. By making passwords increasingly complex, and changing them with greater frequency, businesses are simply "rearranging the deckchairs on the Titanic," said Allan. The current generation of two-factor authentication devices - including smartcards, biometric readers, and one-time password tokens, which typically cost £70 a user to implement and run - will be too expensive for many organisations to deploy. Businesses are likely to turn to intermediate technologies, such as Entrust's Identity Guard, which is currently being trialled by banks and other organisations, said Allan.
But choosing the authentication mechanism is only part of the problem, said Allan. Organisations will need to invest in sign-on software to manage the passwords of legacy systems, while they migrate their systems towards two-factor authentication.
We have discussed this exact topic some time ago. See Password insecurity at enterprises, Microsoft to abandon passwords and Security industry giving wrong advice on passwords for 20 years.
By 2007, the analyst group predicts that 80% of organisations will have reached "password breaking point" and will have to turn to more sophisticated technology to protect their systems and data. Businesses need to put a roadmap in place now that will allow them to phase out passwords and replace them with more secure two-factor authentication, said Ant Allan, research vice-president at Gartner.
Speaking at the Gartner IT Security Summit at London's Royal Lancaster Hotel this week, Allan will warn that passwords are rapidly becoming unusable as organisations attempt to stay one step ahead of hackers. By making passwords increasingly complex, and changing them with greater frequency, businesses are simply "rearranging the deckchairs on the Titanic," said Allan. The current generation of two-factor authentication devices - including smartcards, biometric readers, and one-time password tokens, which typically cost £70 a user to implement and run - will be too expensive for many organisations to deploy. Businesses are likely to turn to intermediate technologies, such as Entrust's Identity Guard, which is currently being trialled by banks and other organisations, said Allan.
But choosing the authentication mechanism is only part of the problem, said Allan. Organisations will need to invest in sign-on software to manage the passwords of legacy systems, while they migrate their systems towards two-factor authentication.
We have discussed this exact topic some time ago. See Password insecurity at enterprises, Microsoft to abandon passwords and Security industry giving wrong advice on passwords for 20 years.
posted by Dwaine at 9/14/2005
0 Comments:
Post a Comment
<< Home