I still remember a time when having a computer in your business was like being in a Jetson’s cartoon. But by the 1980’s computing was becoming the norm, and soon there was a computer on every desk. It wasn’t long before we were all connected to each other by the Internet. Businesses were able to expand their area of operation, and it became possible to find more supply distributors. Life was good. It wasn’t long, however, until we realized that computing wasn’t restricted to good, honest people.
Computer security became an issue, and the information technology industry responded with password protection. In the beginning, requirements for passwords were relatively simple, usually six to eight characters, probably not case sensitive, and probably not requiring special characters. Being human and prone to forget, we picked passwords that we’d be sure to remember. After all, nobody could have figured out our anniversaries, birthdays, children’s names etc. So we went along happily protected by a password like me12345.
But soon we learned that hackers are pretty resourceful. Some of them, perhaps friends, neighbors or coworkers, relied on social engineering. Or perhaps we were just completely forgetful and had a post-it note taped to the bottom of our keyboard. We responded by using longer passwords with case sensitive letters and numbers, so now my “completely unhackable” password resembled something like Me1234567. Not such a far stretch. But technology continued to improve, and so did the bad guys.
Enter keystroke loggers that record the keys struck on a keyboard, usually without the user ever knowing their actions were being monitored. Faster computers allow password crackers to test over a hundred million possible password combinations each second. With all of these tools at the disposal of the bad guys, how do we protect ourselves? Many industry experts are calling 2013 “the year the password dies.”
Two Factor Authentication, or TFA, is one solution that is growing in popularity. TFA is an authentication method that requires two or more of the three authentication factors: something you know, something you have, and something you are. This method of authentication is much more secure than passwords because it uses combinations of passwords or pins, tokens, biometrics and other technology not embedded in the system and therefore not subject to attack. It is probable that more computer manufacturers and Internet Service Providers (ISPs) will soon be offering TFA capability.
As technology improves, it is important to remain vigilant. Being proactive is your best defense. Staying up-to-date on protection measures is one of the best ways to make sure your defenses are current.