Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Comments
Facebook Forces Some Users To Reset Passwords
Oldest First  |  Newest First  |  Threaded View
Page 1 / 2   >   >>
dblake950
50%
50%
dblake950,
User Rank: Apprentice
11/17/2013 | 11:12:58 AM
Passwords
It's good that Facebook is being proactive, but judging by the increasingly regular announcements of massive breaches and easily cracked personal identifiers, the entire user password concept seems to be obsolete. Telling folks to install software to manage access to software seems the perfect indicator that things have gotten out of hand. What I'd really love to see is a company like Facebook driving the next great leap in personal digital identification--biometrics, voice activation--something requiring less drudgery on the part of the user. 
Brian.Dean
50%
50%
Brian.Dean,
User Rank: Apprentice
11/17/2013 | 2:04:27 PM
Re: Passwords
Yes and the technology behind biometrics etc has existed since quite some time, but I feel that before a platform like facebook makes biometric identification standard, banks and portals will have to take the lead, reason being that since not every computer is equip to handle biometric identification hence a social platform will want to maximize its user base and keep passwords as an option as well. Since 1.9 million people are using "123456" as their password, I guess 500 million people might just use passwords even if their computers and phones support biometrics.
Shane M. O'Neill
50%
50%
Shane M. O'Neill,
User Rank: Apprentice
11/17/2013 | 3:56:31 PM
passwords are getting old
Hopefully, big companies will learn from Adobe's epic fail. Facebook is wisely being proactive about password protection. It must with such a massive user base. But the use of passwords in general is getting dated and insecure fast. It's time for a breakthrough in fingerprint recognition, voice recognition and other biometrics to identify users.
PaulS681
50%
50%
PaulS681,
User Rank: Apprentice
11/17/2013 | 7:00:14 PM
password etiquette
I can see why people use the same password across multiple sites. There are just so many to keep track of. It's to bad that companies are so careless with their data and breaches take place. It has become expected today. As users need to be more secure and use different secure passwords businesses need to up their game as well.
PaulS681
50%
50%
PaulS681,
User Rank: Apprentice
11/17/2013 | 7:06:33 PM
Re: passwords are getting old
@Shane... Great point. Passwords are getting old and some kind of biometrics is sorely needed. First we need to get fingerprint readers more commonplace whether they are hardware or software. Yes they are out there but they need to be standard.
Gary_EL
50%
50%
Gary_EL,
User Rank: Apprentice
11/17/2013 | 10:05:20 PM
Good example
Kudos to Facebook for protecting its users from errors made by other organizations. This is an exceptional example of great corporate citizenship.
Gary_EL
50%
50%
Gary_EL,
User Rank: Apprentice
11/17/2013 | 10:08:40 PM
Re: Passwords
I agree, Brian. If someone hacks my facebook account, I will owe explanations to my friends. If someone hacks my bank account, I'll owe explanations to the bank, my creditors, and perhaps even the IRS. It's easy to see what the first priority is.
Thomas Claburn
50%
50%
Thomas Claburn,
User Rank: Ninja
11/17/2013 | 10:34:32 PM
Re: passwords are getting old
I'm not convinced biometrics help that much. What's gained in convenience is lost in privacy. It's not that hard to come up with a strong password that can be remembered. I think it's worth the effort.
aditshar
50%
50%
aditshar,
User Rank: Apprentice
11/18/2013 | 6:25:41 AM
Re: passwords are getting old
I agree with Thomas here, biometrics may not help much here and keeping cost factor in mind it may absorb hell lot of money, other than this one good security practise i see these days is OTP, most of the banks and financial firms use this method as authentication process for end user which seems little hard to break if your mobile number is updated with bank.
Marilyn Cohodas
50%
50%
Marilyn Cohodas,
User Rank: Strategist
11/18/2013 | 8:33:58 AM
Re: passwords are getting old
Count me in  on the "passwords are getting old" camp for all the reasons mentioned by others in this thread. As for biometrics, I think we're going to see a lot more -- and better biometrics -- in use in short order as the technology matures and gets cheaper. Apples iPhone5s kerfuffle notwithstandig, its incorporation into a mainstream product speaks volumes. On a personal level, I will happily throw away all the passwords I've jotted on sticky notes, (at least those that I can find) and trade in a little privacy for the convenience of a fingerprint reader. 
Page 1 / 2   >   >>


Commentary
Ransomware Is Not the Problem
Adam Shostack, Consultant, Entrepreneur, Technologist, Game Designer,  6/9/2021
Edge-DRsplash-11-edge-ask-the-experts
How Can I Test the Security of My Home-Office Employees' Routers?
John Bock, Senior Research Scientist,  6/7/2021
News
New Ransomware Group Claiming Connection to REvil Gang Surfaces
Jai Vijayan, Contributing Writer,  6/10/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win an Amazon Gift Card! Click Here
Latest Comment: This gives a new meaning to blind leading the blind.
Current Issue
The State of Cybersecurity Incident Response
In this report learn how enterprises are building their incident response teams and processes, how they research potential compromises, how they respond to new breaches, and what tools and processes they use to remediate problems and improve their cyber defenses for the future.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-30550
PUBLISHED: 2021-06-15
Use after free in Accessibility in Google Chrome prior to 91.0.4472.101 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.
CVE-2021-30551
PUBLISHED: 2021-06-15
Type confusion in V8 in Google Chrome prior to 91.0.4472.101 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2021-30552
PUBLISHED: 2021-06-15
Use after free in Extensions in Google Chrome prior to 91.0.4472.101 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.
CVE-2021-30553
PUBLISHED: 2021-06-15
Use after free in Network service in Google Chrome prior to 91.0.4472.101 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2021-24037
PUBLISHED: 2021-06-15
A use after free in hermes, while emitting certain error messages, prior to commit d86e185e485b6330216dee8e854455c694e3a36e allows attackers to potentially execute arbitrary code via crafted JavaScript. Note that this is only exploitable if the application using Hermes permits evaluation of untruste...