ReportWire

Tag: Password Security

  • Get a Lifetime of Password Protection for $20 During the Labor Day Sale | Entrepreneur

    Get a Lifetime of Password Protection for $20 During the Labor Day Sale | Entrepreneur

    [ad_1]

    Disclosure: Our goal is to feature products and services that we think you’ll find interesting and useful. If you purchase them, Entrepreneur may get a small share of the revenue from the sale from our commerce partners.

    Cyber attacks may seem like an abstract threat, but there are very real things you can do to help prevent threats to your business. A recent TraceSecurity report found that 81% of company data breaches were just caused by poor passwords.

    Improving your password security involves a bit more than adding a few digits to your company login. If you want more comprehensive password security assistance, the trick is to get a good password manager like Sticky Password. This Premium Password Manager can generate, save, and autofill an unlimited number of encrypted passwords, and it has been marked down to $19.97 during the Labor Day Sale.

    Get a password manager for life for Labor Day.

    Sticky Password is a simple service that generates, saves, and fills in your passwords for you. Once you log in, you can enter your passwords for each account you want to connect. Once a password is saved, Sticky Password will sync with the devices on your account. You can even save your password data locally so there’s no vulnerable information online.

    A Sticky Password Premium Plan comes with some extra bonuses suited to the more advanced security needs of a business versus an individual. The Premium Plan includes unlimited encrypted passwords and data storage, automatic form-filling, password generation, a secure digital wallet, support for two-factor and biometric authentication, and connection on all your mobile and desktop devices. Plus, you get a secure cloud backup with all your password data and priority support.

    It’s no wonder Sticky Password received a rave review from PCMag, which wrote, “Sticky Password Premium does everything you’d expect from a password manager and more. New biometric authentication and no‑cloud Wi‑Fi sync make it an even better choice.”

    Purchase privacy this Labor Day.

    Worried about your business’s online security? Start by protecting your passwords.

    During our Labor Day Sale through September 4 at 11:59 p.m. PT, get a lifetime subscription to Sticky Password Premium for just $19.97 — no coupon required.

    Prices subject to change.

    [ad_2]

    Entrepreneur Store

    Source link

  • Why Businesses Should Go Passwordless as Soon as Possible | Entrepreneur

    Why Businesses Should Go Passwordless as Soon as Possible | Entrepreneur

    [ad_1]

    Opinions expressed by Entrepreneur contributors are their own.

    In the privacy-driven business environment, passwords are gradually becoming obsolete. Did you know that the first digital password debuted in the 1960s? Until then, passwords had remained the same over time, despite several improvements to digital identification and verification.

    Certainly, passwords are a holdover from the era before when cyber crime and password-based attacks became a serious and pervasive issue. With the proliferation of technology and user accounts, major challenges have emerged due to passwords, including the need for users to remember numerous passwords, support expenses and — most importantly — the security concerns posed by stolen credentials. As a result, the reason for eliminating passwords from the authentication process becomes more compelling every day. This is where passwordless authentication comes to the rescue.

    Related: Here’s Why It’s Time to Move Away From Passwords

    What is passwordless authentication?

    Passwordless authentication eliminates the need for a password by allowing users’ identities to be verified by their biometrics or other possessions, thereby minimizing security vulnerabilities. Backing this statement, Microsoft claims that combining biometrics and possession authentication reduces account security risks by 99.9%.

    Considering the vulnerabilities of password-based authentications, businesses must take the necessary actions to implement passwordless authentication as soon as possible to secure their users’ data and identities. In light of that, I’ll explain why this is the ideal time for businesses to use passwordless authentication.

    Witnessing current technological advancements, it is evident that authentication techniques have also advanced significantly since former times, providing us with safer and more beneficial alternatives for authentication. Why do we still secure our data using old and ineffective techniques like password-based authentication?

    However, fortunately, businesses are now quickly evolving to replace passwords since technology and its users continue to grow along with the demand for branding, visibility and application efficiency, thereby leading to enhanced data privacy and security.

    Considering the potential dangers and inconveniences involved with using passwords, many businesses are now moving on from passwords eventually and switching to more secure authentication methods like passwordless authentication. Furthermore, given the surge in cyber attacks and credential theft, abandoning passwords is highly advantageous, and when done correctly, it increases security and convenience.

    Related: Here’s Why Passwordless Authentication Is Better for the Business Environment

    Why businesses should consider going passwordless right now

    When businesses adopt passwordless, they must first identify the drawbacks of using passwords and feel the benefits of a passwordless future. In that context, it is essential to consider security, authenticity and applicability. The critical justifications for businesses to take the passwordless route are outlined in the list below.

    Get rid of exhausting password management:

    For users, it’s easy to mistype or forget passwords for their accounts. They eventually develop weak passwords like p@ssw0rd or Password*12345 to make them easier to remember. Moreover, many users tend to write them down on sticky notes or save them in a computer document, compromising critical information security.

    However, there are no passwords to remember with passwordless authentication since they only involve authentication factors like email or SMS OTP, magic links and biometrics. Also, businesses can save users’ time by eliminating the need to hunt up the right passwords or frequent password resets, thereby making the user experience seamless.

    Reduce the cost of IT support:

    According to Forrester research, businesses spend up to $1 million annually on equipment and personnel to handle password resets. Fortunately, password-related expenditures, including password storage and administration costs, can be drastically reduced with passwordless authentication.

    Decrease the likelihood of password-based attacks:

    Businesses are becoming increasingly susceptible to password-based attacks, but only a few are equipped to defend against them. Passwords are highly vulnerable to cyber attacks, which can be deceptively subtle and take various forms. However, by using passwordless authentication, this risk is minimized. Going passwordless necessitates an initial infrastructure investment, but it can eventually lower the cost of password management.

    Users’ information is safer when passwords are eliminated:

    Years of experience have made it easy for cyber criminals to guess, steal or acquire passwords. For instance, Microsoft reported that 44 million accounts were at risk of account takeover due to stolen or compromised passwords.

    Also, a Google poll revealed that 65% of users repeat passwords across numerous accounts or websites. Given these statistics, it is probable that passwords have already caused threats and will continue to do so to the detriment of businesses and their users. Businesses cannot fully influence users’ behavior, but by going passwordless, they may decrease the likelihood of a cyber attack.

    Passwordless authentication increases conversion rates:

    Businesses that make login processes more seamless for users get higher conversion rates. When logging in with passwords, users often give up halfway through the procedure since they find it too difficult or time-consuming to complete. For instance, VTEX, a cloud-based ecommerce platform, claims that getting rid of password-based logins that reduce login friction can increase conversions by up to 54%.

    Related: Passwords Are Scarily Insecure. Here Are a Few Safer Alternatives.

    The aforementioned reasons are some critical aspects that should drive businesses to adopt passwordless as soon as possible.

    Since the risks associated with passwords continue to rise, businesses must swiftly move on from passwords in preference for efficient passwordless multi-factor authentication systems. Businesses that implement it correctly will increase security while enhancing user comfort for authentication. The decision to start a passwordless journey depends on your business model and needs.

    Going passwordless is more likely to be an evolutionary rather than a revolutionary process. Even though it won’t happen overnight, businesses can gradually transition to a passwordless future by carefully planning their strategy and roadmap toward the end vision. And businesses aware of all the considerations and standards will be in a good position to design a passwordless journey to prevent identity threats, provide excellent digital experiences and increase brand exposure.

    [ad_2]

    Deepak Gupta

    Source link

  • How to Protect Your Business Through Secure Digital Experiences | Entrepreneur

    How to Protect Your Business Through Secure Digital Experiences | Entrepreneur

    [ad_1]

    Opinions expressed by Entrepreneur contributors are their own.

    Passwords were once seen as a credible way to improve security, but with the advancing threat landscape and the increase of bad actors using easy-to-crack passwords as an entry point for far-reaching crimes, passwords have outlived their usefulness in providing the necessary level of security. From social engineering to phishing and brute-force attacks, passwords can be one piece of the security puzzle, but a multi-layered approach is now best for ultimate cyber resilience.

    A major inhibitor to password effectiveness is the inconvenience, which promotes the reuse of the same weak password across multiple accounts. A recent survey of consumers worldwide found that 61% will choose a competitor offering an easier login experience, and 59% admitted they abandoned an online experience because the login experience was too frustrating.

    In a convenience-wins world, one way to earn customer loyalty is to provide a passwordless experience where individuals aren’t burdened by the headaches of changing, managing and constantly inputting passwords while still feeling confident that their data is secure.

    Related: Passwords Are Scarily Insecure. Here Are a Few Safer Alternatives.

    Understanding passwordless

    Passwordless authentication can be delivered using multiple digital experiences, each with its own advantages, which can serve different types of users. For example:

    • Biometrics: physical characteristics captured by your device, like fingerprints or facial recognition, to verify a user’s identity.
    • Security keys: physical devices that generate one-time codes used for authentication.
    • Email magic link: sends a secure login link to your email address for seamless access.
    • QR codes: highly secure authentication that doesn’t require entering a username or password.

    The highly personal and multi-step nature of these authentication methods makes them more secure and more difficult to compromise. They’re also easier and more convenient and eliminate the need to remember multiple passwords or be tempted to reuse the same one across multiple accounts. Many of these methods can be implemented to support high-security requirements by using phishing-resistant standards (including FIDO and WebAuthN).

    Related: Passwords Are Now a Weakness — Here’s Why It’s Time to Eliminate Them.

    Tailoring authentication needs to the industry

    Retail, finance and insurance industries all have different requirements for authentication, and experiences need to be tailored to fit a range of security and consumer needs. The key is always ensuring that the online identity represents the real human it claims. This diligence is necessary for protecting against fraudulent activity and ensuring the security of sensitive information.

    Retail websites often require less complex methods, such as an email magic link. In contrast, insurance and financial websites may require more rigorous methods, such as document verification from a driver’s license or passport and biometric authentication to comply with regulatory requirements.

    Using machine learning in passwordless authentication

    One benefit of passwordless is that it can be simplified by using artificial intelligence to analyze user behavior, identify patterns, and assess risk. Using machine learning algorithms to analyze user activity and log typical (or flag atypical) behavior patterns is a good example. These patterns – such as how a user types on a keyboard, the websites they prefer to visit, or what time of day they log in – could then be used to authenticate the user without the need for a password.

    This intelligence also identifies potential threats and vulnerabilities by monitoring user activity and analyzing data. Organizations can identify patterns that may indicate a security threat or vulnerability and take action to mitigate the risk. Implementing the correct tools here can help prevent Bot and Account Take Over (ATO) attacks.

    Related: Why Physical Security For Your Business Is Just as Critical as Online Security

    Steps to creating a passwordless experience

    If you see the benefits of creating a passwordless experience for employees and customers, here is how you get there:

    1. Design a strategy that maps your customer journeys for their first visit and return visits, including which types of devices, computers, and browsers they will likely be using and how often they will be on the site. Ensure that your passwordless authentication methods are compatible with your customers’ devices and platforms.
    2. Assess the amount of identity assurance needed against the friction customers are willing to endure. Regardless of the type of website, choosing the right method is crucial. Organizations must select an authentication method that aligns with their customers’ needs and their platform’s requirements. For instance, facial recognition is a convenient option for mobile devices, while security keys are more suitable for desktop environments.
    3. Give a passwordless option, even if some customers keep passwords because they’re more comfortable with them. This allows a company to cater to a broader range of user preferences and needs. Include education on passwordless such as how it works and how to use it. Many users are accustomed to using passwords and may be hesitant to try a new authentication method. Providing clear and concise information on passwordless authentication and its security advantages can help steer customers toward this option.
    4. Use intelligence to reduce friction for a seamless user experience. Authentication should be simple and intuitive for users without requiring additional steps or creating unnecessary friction. Placing risk and context awareness toolsets in your authentication flow ensures friction is low and security remains strong.
    5. Extensively test with people who represent your user population. The people at your company are likely not the targets of your service, so be sure to test the right individuals to ensure its efficacy, compatibility and ease of use. Testing should be done with different devices, browsers, and operating systems.

    Achieving a passwordless future

    The security of a website isn’t solely dependent on the presence or absence of passwords. Other security methods, including encryption, access controls, and security protocols, also play a valuable role in website security. Still, passwordless authentication and verification are important aspects of a comprehensive security strategy.

    With the increasing security risks associated with passwords, the shift toward a passwordless future can provide significant benefits for both businesses and customers. With the right approach, passwordless authentication can become the norm for all customers as they access online accounts and services, making seamless and secure digital experiences commonplace.

    [ad_2]

    Jason Oeltjen

    Source link

  • AI Can Crack Most Passwords Instantly, Make Yours Safer Now | Entrepreneur

    AI Can Crack Most Passwords Instantly, Make Yours Safer Now | Entrepreneur

    [ad_1]

    In our ever-expanding digital world, passwords are an inevitability: email, apps, subscriptions and loyalty programs — nearly everything is designed to be secure behind a self-set code that permits entry. According to technology site TechCo, the average person has about 100 passwords, so it’s no surprise that when signing up for a new account, individuals can sometimes get lazy with word choice. However, there’s a new risk to password vulnerabilities: artificial intelligence.

    A new report by Home Security Heroes found that 51% of common passwords can be cracked in less than a minute using an AI password cracker, and 81% can be cracked in less than a month.

    Home Security Heroes used the AI password cracker PassGAN to run through a list of 15,680,000 passwords. The odds of AI decoding one’s password increase when a password has a minimal amount of characters and lacks variety (only using lowercase, only using numbers, etc.). Still, it found that it took PassGAN less than six minutes to crack a password of seven characters, even when it contained symbols.

    Related: Elon Musk Says We Should Stop Rapid AI Development Right Now — Here’s Why

    How to set a password that’s safe from AI:

    According to Home Security Heroes’ findings, it takes AI significantly longer to crack a password with more characters and variety. In essence: The longer the password and the more letters, numbers and symbols you use, the safer it is from AI.

    A password with 14 characters composed of upper and lower case letters, symbols and numbers takes AI an average of 187 million years to crack, as opposed to a password of seven characters composed of just upper and lower case letters — which takes AI an average of 22 seconds to crack.

    Although it might be more time-consuming, if you want to ensure password security as AI technology advances, it’s best to keep your passwords at least 10 characters long, with some combination of upper and lower case letters, symbols and numbers.

    Related: How AI Is Shaping the Cybersecurity Landscape — Exploring the Advantages and Limitations

    [ad_2]

    Madeline Garfinkle

    Source link

  • Keep Your Accounts Secure with This Password Manager, Now Just $23.97 for Life | Entrepreneur

    Keep Your Accounts Secure with This Password Manager, Now Just $23.97 for Life | Entrepreneur

    [ad_1]

    Disclosure: Our goal is to feature products and services that we think you’ll find interesting and useful. If you purchase them, Entrepreneur may get a small share of the revenue from the sale from our commerce partners.

    There are a lot of things to keep tabs on when you’re a busy entrepreneur. There’s simply not enough time to stay on top of all of your passwords for various sites and apps and jot them down. You also need to make sure they’re difficult to crack to avoid being hacked, as cyber risks continue to grow.

    As an award-winning password manager that keeps your important info secure, Sticky Password Premium helps with both of those tasks. And you can score a lifetime subscription to Sticky Password Premium for just $23.97 — that’s $170 in savings.

    Avoid hitting the dreaded “forgot password” prompt again with help from Sticky Password Premium. This password management solution helps protect your important logins online by not only providing super strong encrypted passwords but also remembers them all for you!

    Everything is managed by a single master password that you select, so your information stays secure, and all you have to do is remember one password of your choosing instead of dozens. Sticky also helps you automatically log in to any recognized site and helps you save and fill out passwords across the web.

    One user shared, “I recently started using Sticky Password to manage my passwords, and I’m very impressed with it. The interface is intuitive and easy to use, and I love that it can generate strong passwords for me.”

    A lifetime subscription to Sticky Password Premium is available for just $23.97, with no coupon code required, now through April 11 at 11:59 p.m. PT.

    Prices subject to change.

    [ad_2]

    Entrepreneur Store

    Source link

  • If You Have a Business, You Have Passwords to Manage | Entrepreneur

    If You Have a Business, You Have Passwords to Manage | Entrepreneur

    [ad_1]

    Disclosure: Our goal is to feature products and services that we think you’ll find interesting and useful. If you purchase them, Entrepreneur may get a small share of the revenue from the sale from our commerce partners.

    Working your way up to starting your own business is challenging, so it makes sense that many early startups are lean in terms of size and resources. While an IT team might be limited, the need for security and reliability remains as important as ever.

    Enter Dashlane. Dashlane helps streamline data security for companies of all sizes. It’s a password management platform that is trusted by over 20,000 companies — and for good reason: Dashlane keeps users’ data private and safe with best-in-class security.

    Dashlane encrypts all customer data with AES-256 encryption—the first open-cipher approved by the NSA to be made accessible to the public that protects information at a “Top Secret” level. Dashlane also uses ARGON2, cutting-edge cryptography features, and automatic user-vault updates to keep your data as safe as possible.

    When you set your team up with Dashlane, you’ll save time and energy with easy deployment, end-to-end protection, and compatibility with G Suite, Microsoft, and several other identity providers. You’ll also get proactive breach notifications for everyone in your organization, and you can ensure maximum protection through effortless 2FA enforcement.

    There are many examples of how your Dashlane membership will save you and your business time. With Dashlane, you can access and manage all of your passwords in one place. You can share unlimited passwords without actually revealing them, and you can access accounts easily with seamless autofill features. A user can also store financial, medical, and personal information in their Dashlane vault.

    With its never-been-breached record, Dashlane maintains impressive average ratings of 4.5/5 stars on Trustpilot from over 4,000 reviews and 4.5/5 stars on the Google Play store from more than 175,000 reviews. It was also named App of the Day on the App Store.

    For more specific success stories, head to Dashlane’s website and learn how it helped organizations like Mercy Medical, which reported that it sped up access to its systems by 60 percent after signing up while improving both cybersecurity posture and HIPAA compliance. You also might enjoy the excellent case study chronicling how Dashlane helped RevGenius reduce its offboarding risks.

    Looking to try Dashlane for your business? Start a free trial today.

    [ad_2]

    StackCommerce

    Source link

  • Here’s Why It’s Time to Move Away From Passwords

    Here’s Why It’s Time to Move Away From Passwords

    [ad_1]

    Opinions expressed by Entrepreneur contributors are their own.

    It’s time to wake up to an uncomfortable truth: Passwords aren’t going to keep us safe online anymore. A recent breach of Fast Company’s content management system (CMS) should prove it. The hacker, known as Thrax, seemed more interested in posting offensive messages and highlighting the weaknesses than in stealing data, but the situation nevertheless provides a stark reminder that passwords aren’t secure anymore.

    Related: Passwords Are Scarily Insecure. Here Are a Few Safer Alternatives.

    So, what’s the alternative?

    Granted, Fast Co.’s password management didn’t align with password management recommendations. Their CMS was protected by just a default password that would take modern cracking software about .00002 seconds to beat (it was pizza123. Yes, really). The fact that Fast Co. bills itself as a tech-savvy online publication doesn’t excuse this oversight, but it’s by no means unique. How many of us do the same — leaving easy-to-remember passwords in place across many of our accounts? Just like Fast Co., we assume there’s nothing there for a hacker to want and that we’re not a good target. But that doesn’t matter anymore, and it’s time we eliminate the password altogether. It has officially outlived its usefulness.

    Today, there are much better options than the humble password. Facial biometrics is the key to a world without passwords because of how unique our faces are. There are still challenges to sort out, of course, but as algorithms improve in accuracy, we’ll see a wholesale shift to face ID for identity verification.

    The most dependable path to widespread facial authentication is a digital identity wallet. This form of identity management differs from the type of face ID which unlocks your phone in the rigorous fraud prevention technology underpinning it. Liveness detection and other advances can prevent fraud, the likes of which might otherwise fool less-sophisticated facial recognition — techniques like using a photo, a deep fake or a 3D prosthetic mask.

    Your face, validated against an authentic government ID, allows you to unlock your device, access accounts and provide personal data to anyone. As a result, users and businesses can be more sure that their data is safe from fraud and theft. Instead of a password you know, your password becomes something you are, which is much more difficult for thieves to steal.

    Related: Recycled Passwords Are Putting Your Company at Risk

    Passwords are frustrating — and they don’t work

    It’s hard to imagine a digital world without passwords. They’ve become ubiquitous, and we take their existence for granted, which means that additional security measures are just that — an addition to the password. But a password isn’t very secure, even in the rare circumstance when someone is diligent enough to follow best practices. Unfortunately, best practices happen to be incredibly difficult to manage, so businesses have added things like one-time passcodes or similar two-factor authentication (2FA). But it’s not enough — even 2FA can be simple to hack.

    Moving away from passwords will make for a much less frustrating user experience while strengthening security. Isn’t it effortless to unlock your phone with your face? Compare that with an experience that everyone has shared — forgetting a password. You have to click a link, receive a new link, then come up with a new, complex password you’ve never used before. If there’s one more step in the process, like receiving a verification code, it’s even worse. And the unfortunate point is that if your email has been compromised, anyone can reset your password. Your password has become a weakness allowing a hacker to access your most personal data.

    Passwords are also bad for companies. Businesses spend a significant amount of operational dollars on login issues. With facial biometrics, they could re-allocate these dollars to other initiatives. The cost savings from eliminating password reset-related costs and instead implementing a digital wallet technology typically generates a positive ROI over time, especially when you factor in the savings from the added security.

    We keep clinging to the password because we can’t imagine online life without it. The funny thing is, we’ve already caught glimpses of what life could be. Everything can be as easy as unlocking our phone with our face, and we’re not sacrificing security with facial biometrics. We are actually making our authentication processes stronger than ever. Our passwords have become a weakness in managing our identities, and it’s time to let them fade away for good.

    [ad_2]

    Jeff Jani

    Source link