1. Home
  2. Inconsistent, misleading password meters can increase risk of cyber attacks: Study

Inconsistent, misleading password meters can increase risk of cyber attacks: Study

Agencies
December 23, 2019

Washington D.C., Dec 23: Inconsistent and misleading advice offered on some of the world's most popular websites could actually be doing more harm than good, says a recent study.

Password meters">Password meters are frequently made available to help the users secure their personal data against the threats posed by cybercriminals.

The study conducted at the University of Plymouth has assessed the effectiveness of 16 password meters that people are likely to use or encounter on a regular basis.

The research says that there is a clear level of variation in the advice offered across different websites.

The study was published in the journal Computer Fraud and Security.

The main focus was dedicated password meter websites, but the study also sought to assess those embedded in some common online services (including Dropbox and Reddit) and those found as standard on some of our devices.

And while some meters do effectively steer users towards more secure account passwords, some will not pick them up when they try to use 'abc123', 'qwertyuiop' and 'iloveyou' - all listed this week among the worst passwords of 2019.

The study was conducted by Steve Furnell, Professor of Information Security and Leader of the University's Centre for Security, Communications and Network Research.

Commenting on the latest research, Prof Furnell said: "Over the festive period, hundreds of millions of people will receive technology presents or use their devices to purchase them."

"The very least they should expect is that their data will be secure and, in the absence of a replacement for passwords, providing them with consistent and informed guidance is key in the quest for better security."

"What this study shows is that some of the available meters will flag an attempted password as being a potential risk whereas others will deem it acceptable. Security awareness and education are hard enough, without wasting the opportunity by offering misleading information that leaves users misguided and with a false sense of security."

The study tested 16 passwords against the various meters, with 10 of them being ranked among the world's most commonly used passwords (including 'password' and '123456').

Of the 10 explicitly weak passwords, only five of them were consistently scored as such by all the password meters, while 'Password1!' performed far better than it should do and was even rated strongly by three of the meters.

However, one positive finding was that a browser-generated password was consistently rated strong, meaning users can seemingly trust these features to do a good job.

Prof Furnell added: "Password meters">Password meters themselves are not a bad idea, but you clearly need to be using or providing the right one."

"It is also worth remembering that, regardless of how the meters handled them, many systems and sites would still accept the weak passwords in practice and without having offered users any advice or feedback on how to make better choices," he added.

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.
Agencies
June 12,2020

Mumbai, Jun 12: Following an overwhelming response for the mega rights issue of Mukesh Ambani-owned Reliance Industries, the partly paid-up rights shares are set to debut on stock exchanges on June 15.

The biggest ever Rs 53,124 crore rights issue was subscribed 1.59 times and received bids worth Rs 84,000 crore on June 3.

Reliance said the rights issue saw a huge investor interest, including from lakhs of small investors and thousands of institutional investors, both Indian and foreign.

In 2019, Ambani said in the Reliance's annual general meeting that the company will be net zero debt by March 2021. The company is on course to achieve its target ahead of the deadline.

"In spite of the COVID-19 crisis and the lockdowns, the due-diligence by Saudi Aramco for the planned investment in the O2C business is on track as both the parties are committed and actively engaged," he said recently.

"With a strong visibility to these equity infusions, Reliance is set to achieve net zero debt status ahead of its own aggressive timeline. We believe rights issue was a part of the company's strategy of deleveraging its balance sheet," said Ambani. 

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.
Agencies
March 16,2020

While Google is still working on a coronavirus screening and tracking website, Microsoft Bing team has already launched a web portal for tracking COVID-19 infections worldwide.

The website, accessible at bing.com/covid, provides up-to-date infection statistics for each country.

The COVID-19 Tracker currently lists 168,835 as total confirmed cases, 84,558 active cases, 77,761 recovered cases and 6,516 deaths.

There are at least 3,244 confirmed cases of novel coronavirus in the US and at least 61 deaths.

"Lots of Bing folks worked (from home) this past week to create a mapping and authoritative news resource for COVID19 info," Michael Schechter, General Manager for Bing Growth and Distribution at Microsoft, was quoted as saying in a ZDNet report on Sunday.

An interactive map allows site visitors to click on the country to see the specific number of cases and related articles from a variety of publishers.

Data is being aggregated from sources like the World Health Organization (WHO), the US Centers for Disease Control and Prevention (CDC), and the European Centre for Disease Prevention and Control (ECDC).

Microsoft announced the website two days after US President Donald Trump said Google has begun working on COVID-19-related portal for US citizens.

Google's website is being built by Verily, a subsidiary of Alphabet focused on healthcare services.

"More than 1,700 engineers are currently working on the site", Trump said during a press briefing last week.

The tool will triage people who are concerned about their COVID-19 risk into testing sites based on guidance from public health officials and test availability.

Initially, there was some confusion on Google's coronavirus portal but the company later announced that it is "partnering with the US Government in developing a nationwide website that includes information about COVID-19 symptoms, risk, and testing information."

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.
Agencies
March 12,2020

Thiruvananthapuram, Mar 12: In the wake of COVID-19 outbreak, Internet service providers in Kerala have agreed to step up the network capacity by 30 to 40 per cent of the present capacity to meet the demand, especially in view of the spurt in work-at-home mode.

"The decision was made at a meeting of representatives of various telecom service providers in Kerala circle and officials of the Telecommunication Department convened by the Secretary, Electronics and IT, following a direction by Chief Minister Pinarayi Vijayan to look into the issue," said a press release by the IT Department.

The decision will be beneficial for those working in IT institutions. The government has come out with a set of suggestions to avoid social gatherings at public places in view of coronavirus spread. Telecom service providers have assured the government that they are well equipped to face the current situation.

The major part of Internet consumption in Kerala is made available through local servers. Moreover, global Internet traffic is very low as compared to the overall consumption. So, increasing the capacity won't be difficult, service providers informed.

"Complaints regarding the low availability of the Internet due to the spurt in consumption of the Internet can be made to the service providers to their complaint redressal number or inform state government call centre (155300). But complaints regarding the insufficiency in the current network infrastructure should be strictly avoided," said the release.

The IT Department will also demand daily reports from various telecom service providers. By analysing these reports, steps for remedies will be taken after bringing the sudden increase in consumption to the service providers.

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.