Wave Systems Corp. (fka WAVXQ)

[Genz2]

Football Fever Puts Password Security at Risk

https://www.infosecurity-magazine.com/news/football-fever-password-security/

Security experts have urged users to think more carefully about their password choice after spotting as many as one million based on simple football-related words.

Authentication firm Authlogics manages a Password Breach Database — a collection of previous stolen or cracked credentials which that allows it to spot trends and offer industry advice.

It claimed that of the one billion passwords in the trove, over 1.1 million are linked to the beautiful game. These are led by the password “football” (353,993), followed by “Liverpool” (215,842), “Chelsea” (172,727), “Arsenal” (151,936) and “Barcelona” (131,090).

The problem for these users is two-fold: not only are such credentials relatively easy to guess or crack, but if they’re reused across multiple accounts, including corporate ones, it could expose them to credential stuffing.

This is the practice of using automated software to try large numbers of previously breached log-ins simultaneously across multiple accounts, hoping that some will work.

Authlogics cited Google research which claims that over half (52%) of users reuse the same password on multiple accounts, with only a third (35%) using a different credential for all log-ins.

“If your password has been breached on one account, and you are one of the 52% of people who reuse their passwords regularly, you might find other accounts which were not breached also compromised,” Authlogics warned.

“If someone is aware of the amount of passwords that are associated with football, and are able to use social engineering tactics to discover which team an individual supports, they can make a good, educated guess as to their password to not just one, but multiple accounts.”

Password managers can help here by storing and recalling unique and robust credentials for each website and online account. Multi-factor authentication (MFA) is also recommended to bolster authentication security.

Authlogics recommended combining letters, numbers and symbols to increase password strength — even if football-mad users want to include their favorite team in their log-ins.
==================================================================
This article represents another big reason why organizations should be using Wave VSC 2.0 (MFA)!!!

Better security at less than half the cost!!!
==================================================================
http://www.wavesys.com/products/wave-virtual-smart-card

Excerpt:

The user experience with a virtual smart card is simple: he or she logs in with a PIN (authentication factor number one). The TPM (authentication factor number two) then transparently identifies the device to the network and connects the user to all the approved services. It’s one less thing for users to carry around.

=================================================================
http://www.wavesys.com/products/embassy%C2%AE-remote-administration-server-tpm-management

Excerpts:

Token-free, password-free user authentication

We know you’ve dreamt about shredding your list of passwords. Go on and do it.

Because you are starting the authentication process in the device’s hardware, the user doesn’t have to interact with it. All users see is their usual Windows log-in screen – no more additional passwords to access the VPN or other resources. They just sign in once, and the secure credentials in their TPMs securely and quickly connect them to everything they need. Say goodbye to user frustration and slow OS performance.
=================================================================
Rethink cybersecurity and use Wave's awesome solutions!!!

http://www.wavesys.com/

http://www.wavesys.com/contact-information

Contact Wave

Wave Systems
401 Congress Avenue
Suite 2650
Austin, TX 78701
sales@wavesys.com

Gold Customer Support:

goldsupport@wavesys.com

1-800-928-3638

Support:

support@wavesys.com

1-844-250-7077

Sales:

1-877-228-WAVE