Hell Pizza security breach exposes the inherent frailty of passwords

26 July 2010
Following the announcement that pizza chain Hell Pizza may have been breached, revealing customer details and passwords, Stephen Howes, CEO of GrIDsure commented:

“The potential security breach of Hell Pizza yet again exposes the inherent frailty of passwords as a method of authentication and illustrates the risk of using the same password for numerous websites and online banking. However, users really aren’t to blame because recommended ‘strong passwords’ are just not very easy to remember, especially when you are advised to use a different password for every web-site you visit. This is clearly highlighted by the ‘forgot my password’ feature present on the password login screen.

“Every day millions of people log in to a variety of internet sites, from banks and social networks to on-line shopping portals, using a username and password combination. The owners of these sites have chosen this method of authentication in the misguided view that it is cheap and offers a good level of security. In reality, it is neither. Passwords can be compromised through various forms of attack, including shoulder-surfing, key-logging and screen-scraping.

“In order to genuinely improve security, organisations need to abandon login systems based on fixed passwords and PINs and replace this flawed method of authentication with a one-time passcode method. By making this change, organisations will reduce cases of data loss and identity theft while also saving money and improving customer satisfaction to boot.”



print versionPrint version | email this to a friendEmail to a friend | view other articles View other articles

Latest IT, computer and network security articles

 Companies continue to leave their security measures short when it comes to protection against mobile device risks

 Cloud-based Infrastructure as a Service save up to 55 percent of IT operations spend

 IronKey helps Orbotech ensure all high value company and customer data is secure

 Passwords are past their sell-by-date

 RandomStorm appointment signals European and worldwide expansion

 India and Russia are the biggest producers of viruses

 Misconfigured networks are the easiest IT resource hackers exploit

 The Return of Ransomware and Do-it-Yourself Botnets

 Atos Origin secures and manages the IT systems for Singapore 2010 Youth Olympic Games

 Djigzo partners with Comodo to provide email encryption and authentication solution

...[view more IT, computer and network security articles]...

 

Security websites for specific products:

Access control and RFID systems - Burglar alarm, intruder alarm and fire alarm systems - Biometric recognition and identification systems - CCTV cameras and systems - IT, computer and network security systems - Health and safety - Security guard services - Surveillance and remote monitoring systems

Security websites for specific markets:

Bank and financial security - Corporate security - School and education security - Sport event and live venue security - Healthcare and hospital security - Hotel restaurant and casino security - Industrial and manufacturing security - Infrastructure and Utilities security - Home and personal security - Public sector security - Retail security - Small Business security - Transport security

Breaking News IT Security News Network security Mobile & wireless security Firewalls Authentication & access control Security policies Data security Vulnerabilities & threats Web & Internet security Hacking & penetration Malware and spyware Virus and worms Virus infection map Scanning and removal

IT Security Directory Security events Job adverts Editorial policy Advertise Newsletter registration Free newsfeed for your site Bookmark this page
IT Security links


Copyright ©
IT Security Portal

Submit an article
Advertise
Terms & conditions


CMS and Web design by www.areza.com
directory of IT, computer and network security suppliers
Search directory Register your company
IT, computer and network security books:

SEARCH NEWS
DIRECTORY
Google