Kaspersky Lab Retools Password Security

  • Tweet  
  • LinkedIn  
  • Facebook  
  • Google plus  
  • Send to Kindle
  • Send to  

Kaspersky Lab is giving a new spin to new password security by introducing a technology that allows users to develop their own special input methods to secure their accounts. The idea has merit, but if history is any indication, getting users to adopt the solution open arms might be easier said than done.

Passwords. We all struggle to remember them. And we can’t write them down either. Most of the time, we end up using the same one over and over, or something that's ridiculously easy to guess. And without fail, the pneumonic devices also seem to work for hackers.

To be fair, in other cases, hackers also resort to specialized malware designed to launch brute force password attacks or execute keyloggers that record login keystrokes.

Related articles

The conundrum compelled Kaspersky Lab ZAO to develop new technology to protect passwords and secure data on a wide range of applications and devices.

Here’s the way it will work: Essentially, the technology allows users to configure their own password system at their discretion.

But don't they already do that? Yes, but this time, the technology allows them to develop their own special input methods--such as time lapse between insertion of two password symbols, pressing the mouse buttons at a certain point while entering the password, or overlapping keystrokes--in order to secure their accounts.

By relying on non-standard input techniques, users can then insert a predefined combination into the password to make the credential completely unique. If a 10-digit password is required, for example, ostensibly four could be “typed” by clicking the mouse at any given time.  A user could in theory enter three symbols, click four, and then type the remaining three. Hackers who intercept a password—even with keylogger malware—would only be able to determine six of the symbols, keeping the entire password secure.

Additionally, Kaspersky Lab’s new technology is compatible with any application that requires password insertion, and can also be applied to electronic devices and mobile phones.

Meanwhile, passwords are by far the most common authentication technique. In fact, most users have dozens of them to secure various and sundry accounts.

And more often than not, they’re easily hackable. That was made evident earlier this summer with a high profile hack of Web and news service Yahoo, in which hackers nabbed 450,000 passwords. And professional social networking site LinkedIN suffered far worse consequences when an external hack resulted in the exposure of 64 million user passwords.

Meanwhile, in 2007, the typical Web user maintained around 25 separate accounts but used just 6.5 passwords to protect them, according to one Microsoft study. And five years later, its likely that users rely on more passwords than that.

So make no mistake, the need for foolproof authentication mechanisms is there. However, what remains to be seen is if Kaspersky Lab’s technology will do the trick.

Historically, more involved security mechanisms, such as two-factor authentication, have elicited a tepid response from the general public. The reason can often attributed complex and cumbersome solutions, compounded by tracking and management challenges with tokens easily lost or forgotten.

Now, granted passwords aren’t nearly as complicated as two-factor authentication. However, getting users to embrace any kind of change—especially when they’re eager to access their favorite Web applications—might be easier said than done.

Of course, there is always room for the channel to help change that paradigm shift, by retraining users and emphasizing the importance of password security in consulting and education services.

And the technology could even give security partners a bit of leg up in enterprise markets looking to better secure of sensitive information. The reality is though, that change does not come easily. And it might take more than a few tries to get users to put down their dictionary word login and get excited about a security solution that might actually be harder to remember.

  • Tweet  
  • LinkedIn  
  • Facebook  
  • Google plus  
  • Send to Kindle
  • Send to  

Want to keep on top of all the North American channel news?

More on Channel Business
shadow-banking-web

Shadow IT brings ups as well as downs

While shadow IT poses a threat for solution providers, there are advantages to be found as well

mock3-0913

Channel millennials to learn from older peers with new CompTIA initiative

Initiative may help with 2015 emerging threat of millennial expectations

NY traffic lights

Gigamon launches partner program

Traffic visibility firm includes pre- and post-sales training certifications in new partner program

Sales online and in the shops

Black Friday wearable tech uptake splits industry

Shoppers may have snapped up a bargain wearable device on Friday, but just how much impact will this have when they choose to wear it to work today?

Visitor comments
Add comments
blog comments powered by Disqus
In-depth
Road to city

Evolution to as-a-service a rocky road for VARs

The much-discussed service provider route does not come without repeated bumps in the road for solution providers

team-of-toy-figures-putting-a-final-jigsaw-piece-into-place

EMC’s VMware remains intact — for now

Amid a rapidly consolidating and converging technology market, the storage giant staves off the spin-off of its virtualization software arm and stays ‘whole’

business-help

VARs need to evolve; vendors can help them do it

Who bears responsibility for helping the channel adopt new business models?

charles-foley-watchful

Vendor Q&A Series: Charles Foley, Watchful Software

The latest channel exec to sit in the Channelnomics hotseat is Watchful Software's chairman and CEO