View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Technology
  2. Cybersecurity
August 21, 2013

University’s technology protects against password theft and phishing attacks

The hacking of large websites inspired the development.

By Duncan Macrae

Royal Holloway, University of London (RHUL), has launched new technology aimed at protecting protect people from phishing attacks, which are believed to have affected 37.3 million people last year.

The new security technology will also help prevent online password theft, which rose by 300% during 2012-13.

In recent months, the Syrian Electronic Army (SEA) has successfully launched phishing attacks against employees of the Financial Times to enable them to post material to its website, and mass attacks were launched within Iran using a fake Google email, shortly before the elections.

Scientists from RHUL have devised a new system called Uni-IDM, which will enable people to create electronic identity cards for each website they access. These are then securely stored, allowing owners to simply click on the card when they want to log back in, safe in the knowledge that the data will only be sent to the authentic website. A key feature of the technology is that it is able to recognise the increasing number of websites that offer more secure login systems and present people with a helpful and uniform way of using these.

Chris Mitchell, from RHUL’s Information Security Group, said: "We have known for a long time that the username and password system is problematic and very insecure, proving a headache for even the largest websites. LinkedIn was hacked, and over six million stolen user passwords were then posted on a website used by Russian cyber criminals; Facebook admitted in 2011 that 600,000 of its user accounts were being compromised every single day.

"Despite this, username and password remains the dominant technology, and while large corporations have been able to employ more secure methods, attempts to provide homes with similar protection have been unsuccessful, except in a few cases such as online banking. The hope is that our technology will finally make it possible to provide more sophisticated technology to protect all internet users."

Uni-IDM is also expected to offer a solution for people who will need to access the growing number government services going online, such as tax and benefits claims. The system will provide a secure space for these new users, many of whom may have little experience using the Internet.

Content from our partners
How businesses can safeguard themselves on the cyber frontline
How hackers’ tactics are evolving in an increasingly complex landscape
Green for go: Transforming trade in the UK

Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how New Statesman Media Group may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.
THANK YOU