1. Home
  2. Inconsistent, misleading password meters can increase risk of cyber attacks: Study

Inconsistent, misleading password meters can increase risk of cyber attacks: Study

Agencies
December 23, 2019

Washington D.C., Dec 23: Inconsistent and misleading advice offered on some of the world's most popular websites could actually be doing more harm than good, says a recent study.

Password meters">Password meters are frequently made available to help the users secure their personal data against the threats posed by cybercriminals.

The study conducted at the University of Plymouth has assessed the effectiveness of 16 password meters that people are likely to use or encounter on a regular basis.

The research says that there is a clear level of variation in the advice offered across different websites.

The study was published in the journal Computer Fraud and Security.

The main focus was dedicated password meter websites, but the study also sought to assess those embedded in some common online services (including Dropbox and Reddit) and those found as standard on some of our devices.

And while some meters do effectively steer users towards more secure account passwords, some will not pick them up when they try to use 'abc123', 'qwertyuiop' and 'iloveyou' - all listed this week among the worst passwords of 2019.

The study was conducted by Steve Furnell, Professor of Information Security and Leader of the University's Centre for Security, Communications and Network Research.

Commenting on the latest research, Prof Furnell said: "Over the festive period, hundreds of millions of people will receive technology presents or use their devices to purchase them."

"The very least they should expect is that their data will be secure and, in the absence of a replacement for passwords, providing them with consistent and informed guidance is key in the quest for better security."

"What this study shows is that some of the available meters will flag an attempted password as being a potential risk whereas others will deem it acceptable. Security awareness and education are hard enough, without wasting the opportunity by offering misleading information that leaves users misguided and with a false sense of security."

The study tested 16 passwords against the various meters, with 10 of them being ranked among the world's most commonly used passwords (including 'password' and '123456').

Of the 10 explicitly weak passwords, only five of them were consistently scored as such by all the password meters, while 'Password1!' performed far better than it should do and was even rated strongly by three of the meters.

However, one positive finding was that a browser-generated password was consistently rated strong, meaning users can seemingly trust these features to do a good job.

Prof Furnell added: "Password meters">Password meters themselves are not a bad idea, but you clearly need to be using or providing the right one."

"It is also worth remembering that, regardless of how the meters handled them, many systems and sites would still accept the weak passwords in practice and without having offered users any advice or feedback on how to make better choices," he added.

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.
Agencies
May 10,2020

In the wake of the gas leak at a factory in Visakhapatnam, the National Disaster Management Authority (NDMA) has issued detailed guidelines for restarting industries after the lockdown and the precautions to be taken for the safety of the plants as well as the workers.

In a communication to all states and union territories, the NDMA said due to several weeks of lockdown and the closure of industrial units, it is possible that some of the operators might not have followed the established standard operating procedures.

As a result, some of the manufacturing facilities, pipelines, valves may have residual chemicals, which may pose risk. The same is true for the storage facilities with hazardous chemicals and flammable materials, it said.

The NDMA guidelines said while restarting a unit, the first week should be considered as the trial or test run period after ensuring all safety protocols.

Companies should not try to achieve high production targets. There should be 24-hour sanitisation of the factory premises, it said.

The factories need to maintain a sanitisation routine every two-three hours especially in the common areas that include lunch rooms and common tables which will have to be wiped clean with disinfectants after every single use, it added.

For accommodation, the NDMA said, sanitisation needs to be performed regularly to ensure worker safety and reduce the spread of contamination.

To minimise the risk, it is important that employees who work on specific equipment are sensitised and made aware of the need to identify abnormalities like strange sounds or smell, exposed wires, vibrations, leaks, smoke, abnormal wobbling, irregular grinding or other potentially hazardous signs which indicate the need for immediate maintenance or if required shutdown, it said.

At least 11 people lost their lives and about 1,000 others were exposed to a gas leak at a factory in Andhra Pradesh''s Visakhapatnam on May 7.

The incident took place after it restarted operations when the government allowed industrial activities in certain sectors following several weeks of lockdown.

The lockdown was first announced by Prime Minister Narendra Modi on March 24 for 21 days in a bid to combat the coronavirus threat. The lockdown was then extended till May 3 and again till May 17.

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.
Agencies
June 10,2020

US dictionary Merriam-Webster will update the meaning of the word "racism" after being contacted by a Missouri black woman, who claimed the current definition fell short of including the systematic oppression of people of colour, according to media reports.

"A revision to the entry for racism is now being drafted to be added to the dictionary soon, and we are also planning to revise the entries of other words that are related to racism or have racial connotations," according to a statement of the 189-year-old dictionary shared by Kennedy Mitchum, a recent graduate of Drake University in Iowa, on her Facebook.

Mitchum, 22, emailed the dictionary last month, following the death of African American George Floyd in the custody of four Minneapolis police officers, Xinhua news agency reported.

"I kept having to tell them that definition is not representative of what is actually happening in the world," Mitchum told CNN. "The way that racism occurs in real life is not just prejudice, it's the systemic racism that is happening for a lot of black Americans."

Merriam-Webster's first definition of racism is "a belief that race is the primary determinant of human traits and capacities and that racial differences produce an inherent superiority of a particular race."

"It's not just disliking someone because of their race," Mitchum wrote in a Facebook post on Friday. "This current fight we are in is evidence of that, lives are at stake because of the systems of oppression that go hand-in-hand with racism."

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.
Agencies
July 13,2020

New Delhi, Jul 13: The Telecom Regulatory Authority of India (TRAI) has blocked Bharti Airtel's Platinum and Vodafone Idea's RedX premium plans that offer faster data speeds and priority services to customers as both the plans were violating net neutrality norms.

The telecom watchdog has asked Bharti Airtel to explain within seven days how such a similar plan being launched does not violate the rules of net neutrality.

Vodafone Idea's RedX plan has been in the market since November 2019. They made some modifications in May 2020 and the Bharti Airtel was soon going to launch a similar plan.

According to TRAI, the higher speed for premium customers discriminate against others and violates net neutrality.

Responding to TRAI's move, Airtel spokesperson said: "We are passionate about delivering the best network and service experience to all our customers. This is why we have a relentless obsession to eliminate faults and have been consistently recognised by international agencies as the best network in terms of speed, latency and video experience."

"At the same time, we want to keep raising the bar for our post-paid customers in terms of service and responsiveness. This is an ongoing effort at our end," the spokesperson said.

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.