At least once a year, you can find a report on the web about what the most common passwords are based upon leaked data. Think of these lists as the worst passwords you can ever use. Typically, 123456 and password top the list. Coming up the path of popularity are passwords 123456 and 123456789, as people are required to enter in longer passwords. Need a mix of letters and numbers? You might want to avoid abc123 and trustno1, among many others. Nowadays, a password security alone isn’t sufficient to lock anything down. How best can you secure your system to keep the bad guys out?
Passwords alone have long been the biggest weakness to many systems. While you can rely on software tools like RoboForm to remember stronger passwords, there is still the human factor involved when relying on a password only system to lock anything down. There are just too many options for someone to gain access to a valid and good password, including phishing, weak passwords, password re-use (across websites), password-stealing malware, and screen scrapers even. There has to be a better way to maintain data security of your systems.
By embedding security mechanisms into the platform hardware, identity protection has improved to the point where you can practically reveal what your password is and still be safe. Intel and its trusted partners are helping to make these identities safer, management easier, and access faster where password alone is insufficient to gain system access. Through the deployment of multi-factor authentication and services using embedded security features, such as Intel Identity Protection Technology (Intel IPT), your organization will be less vulnerable to system breaches.
While Facebook, Twitter, and eBay have long had Two Factor Authentication (TFA), Amazon finally joined the bandwagon in late 2015. Amazon calls it two-step verification, but it is still effectively the same thing. You need something else besides your password to log in. Typically, you’ll get an SMS message with a special code you’ll need to enter that enables you to log in with your password, though other options are available like a voice call or a saved set of valid authentication tokens. You can then deem a particular machine safe so you won’t need the SMS code again, or mark it as a public terminal where you don’t want the system to remember your login credentials and ensure password security.
Apple does have TFA, too, but on their phone you can unlock the phone with your fingerprint. There is a slight problem with this though. If your system gets hacked and your fingerprint scan goes public, there is no way to then change your fingerprint. People can “copy” your fingerprint and use it to gain access to anything you would have had access to. Basically, fingerprints alone aren’t a secure option.
This is where Intel IPT can help you as an IT Solutions Provider. They provide at least three options to help here:
- Intel Identity Protection Technology with One-Time Password (Intel IPT with OTP)
- Intel Identity Protection Technology with Public Key Infrastructure (Intel IPT with PKI)
- Intel Identity Protection Technology with Protected Transaction Display (Intel IPT with PTD)
Intel Identity Protection Technology with One-Time Password (Intel IPT with OTP)
Imagine having to change your password every 30 seconds. Now try remembering a new one 2,880 times per day. That’s essentially how Intel IPT with OTP works. But, instead of you having to remember each password, this is all controlled at the hardware level. No key fob required to see a new password on a hardware token that you type in before the next one is generated.
Intel Identity Protection Technology with Public Key Infrastructure (Intel IPT with PKI)
Public-private key data security options have been available for some time. It is embedded in some email clients even. Intel IPT with PKI takes this one step further and embeds a PKI certificate in the chipset.
Intel Identity Protection Technology with Protected Transaction Display (Intel IPT with PTD)
The last of the three is utilized with one of the other two to ensure the strongest way of inputting text for something like a PIN for access. It gives you a secure input window protected from malware screen scraping. Since hardware based, system software will know nothing about it and the system won’t get past the security through some compromised system component.
It is important to control access to internal resources. Logon credentials are only a small part of the equation. If you're relying on software only access controls be fully aware of the security implementations. Intel IPT adds access control at the chipset level that will help prevent you from having to deal with the ramifications of a data leakage due to poor password selection and maintenance.
Don’t leave security to chance, find out today if you are exposing vulnerabilities by signing up for our free Security and Threat Prevention Assessment.