View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Leadership
  2. Strategy
February 3, 2010

Twitter phishing attack highlights flaws of passwords

Twitter has apparently fallen foul of a phishing attack, alerting some users to reset their passwords and urging them to choose hard to guess passwords using a mix of words, numbers and symbols. Passwords are an obvious security weakness in any

By Cbr Rolling Blog

Twitter has apparently fallen foul of a phishing attack, alerting some users to reset their passwords and urging them to choose hard to guess passwords using a mix of words, numbers and symbols.

 

Content from our partners
Sherif Tawfik: The Middle East and Africa are ready to lead on the climate
What to look for in a modern ERP system
How tech leaders can keep energy costs down and meet efficiency goals

Passwords are an obvious security weakness in any system. They are so hard to remember, that of course people will use obvious words or numbers and re-use them across many sites. Or just as bad, write them down on a Post-it and stick it on their desk or laptop.

 

Stephen Hower, CEO of GrIDsure, points out that this method of security is flawed: “The owners of these sites have chosen this method of authentication in the misguided view that it is cheap and offers a good level of security.  In reality, it is neither.  As we’ve seen, passwords can be compromised through various forms of attack, including shoulder-surfing, key-logging and screen-scraping.” 

 

As a purveyor of alternatives to PINS and passwords, Hower clearly has a vested interest in highlighting the flaws of the user name/passwords combo, but he has a point. Why does the user name/password combo remain so prevalent, when this method of authentication is insecure?  

 

 

Topics in this article :
Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how New Statesman Media Group may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.
THANK YOU