Connect with us

Hi, what are you looking for?

Tech & Science

Knowledge, possession, and inherence are keys to unlocking the ‘cyber-safe’

To keep cyber-safe, it is important to change default password and to start using passphrases of significant strength.

Photo by Joshua Woroniecki, <a href="https://unsplash.com/s/photos/laptop?utm_source=unsplash&utm_medium=referral&utm_content=creditCopyText">Unsplash</a>
Photo by Joshua Woroniecki, Unsplash

Why are too many systems falling foul of cyber-attacks? Why do consumers fall foul of same so easily online? Some of these reasons are bound up with technology and the approach that many take with regards to their cybersecurity credentials. This includes weaknesses around password setting, and the need for more sophisticated forms of authentication.

To gain a better insight into why good password management is essential, Digital Journal asked Mathew Newfield, Chief Security and Infrastructure Officer for Unisys, for ideas as to how to create more secure passwords.

Newfield says there are some basic good practice points that can be adopted, beginning with how the password is conceptualized: “It is important to change default password and to start using passphrases of significant strength – greater than eight characters – with at least three of the following four characteristics: uppercase, lowercase, number, special character. Do not use words or deviations of words as passwords.”

But is the password in itself sufficient? Newfield also stresses the use of multi-factor authentication for personal security.

“Multi-factor authentication, or MFA, is not just for businesses. If you’ve ever had to use a verification code, texted to your cell phone, to log into a personal bank or credit card account, you’re at least vaguely familiar with the concept of two-factor or multi-factor authentication.”

Multi-factor authentication refers to a digital-based authentication process designed to provide a user to access to a website or application, provided they have bene given access permission. To boost security, access is only given once the user has successfully presented two or more pieces of evidence to an authentication mechanism.

The principles upon which MFA is based are: Knowledge, possession, and inherence. Exactly what falls under these categories can be confusing. For instance, if a user memorizes a swiping path on their device, this does not count as an inherence element. However, it can be used to represent the knowledge element.

With the latter point, this refers to metrics intrinsically owned by an individual, such as an retinal scan or a finger-print to unlick a data source (drawing on biometrics). With possession, this could represent a token and with knowledge this relates to facts that only users would know about themselves, or the application of a learned password or PIN.

Newfield looks at the range of options open to consumers: “Today, consumers can choose from additional authentication choices, as many apps offer MFA options. In this instance, consumers have the option of setting up voice or facial recognition-based access or to receive push notifications if a new or unauthorized login is detected.”

Avatar photo
Written By

Dr. Tim Sandle is Digital Journal's Editor-at-Large for science news. Tim specializes in science, technology, environmental, and health journalism. He is additionally a practising microbiologist; and an author. He is also interested in history, politics and current affairs.

You may also like:

Tech & Science

Many state sector organization leaders say low-code reduces cybersecurity issues.

Tech & Science

The data suggests that the APOE genotype impacts COVID outcomes in two ways: By modulating the immune response and by preventing SARS-CoV-2 from infecting...

Tech & Science

Elon Musk showed off the latest version of a humanoid robot that the world's richest man said could one day eliminate poverty.

Business

Britain’s housing market has been rocked by the UK government’s costly budget, as retail banks pull mortgage rates.