Email
Password
Remember meForgot password?
    Log in with Twitter

article imageMajor security gaps in cryptocurrency exchanges

By Tim Sandle     Dec 30, 2018 in Business
Research conducted by Dr. Vidy Potdar has found that nearly every exchange has massive security flaws in both their password protocols and their HTTP security protocols.
Dr. Vidy Potdar is an expert in Information Security with over 15 years of experience in technology development. Potdar recently completed an extensive analysis of cryptocurrency exchanges and their digital security and uncovered significant security flaws. Such analysis is important as the popularity of cryptocurrencies continues to grow (as covered regularly on Digital Journal, such as Ken Hanly's report "Bitcoin reaches up over $300 today after sharp drop down").
Dr. Potdar's study was completed in partnership with Ausfinex (an Australian cryptocurrency exchange). The results of the study, have been reported by ValueWalk. The study assessed eleven popular current cryptocurrency exchanges and the research looked at the password policies and HTTP security features of the exchanges.
The research reveals several interlinked problems in the password policies of exchanges and highlights this issues as the foremost security issue in exchange authentication mechanics. By deploying a six-dimensional password security rating metric, the research finds that most current password security implementations are weak.
For example, the research found that none of the exchanges evaluated restricted the use of reserved words for passwords on their platforms. The consequence of this is phrases and password combinations (such as Password123 or admin123) are accepted as strong passwords. The research also found the that often HTTP security headers were not being used (these provide an additional web security layer). Examples of the flaws are shown on Bitcoinbuster.com.
Based on such incidences, Dr. Potdarā€™s security study concludes that cryptocurrency exchanges need to reform and to provide the maximum security standards.
More about cryptocurrency, bitcoin, blockchain, Cyberattack
More news from
Latest News
Top News