Rechercher
Contactez-nous Suivez-nous sur Twitter En francais English Language
 

Freely subscribe to our NEWSLETTER

Newsletter FR

Newsletter EN

Vulnérabilités

Unsubscribe

Censornet Comment: NCSC Issues Password Guidance

August 2021 by CensorNet

Following the guidance issued from the National Cyber Security Centre (NCSC) around correct password usage, Richard Walters, CTO at Censornet, offers the following comment;

There is always a mountain to climb when it comes to encouraging people to follow good security practices, so it is heartening to see some solid advice from GCHQ. Just two years ago, research from the National Cyber Security Centre found that “123456” was the most popular password in the world – and I’d be surprised if the situation had changed appreciably.

However, the password guidance from GCHQ could go further. Hackers know that if a business relies solely on passwords for securing remote or cloud access, there is always going to be a way into its system. All it takes is for one employee to give away useful information or be persuaded to click on a phishing link.

It’s very easy to find out someone’s username for instance, which is often simply their work email address and therefore printed on business cards and social media accounts. If attackers find a username they could conduct phishing campaigns to capture the associated account password. They could also draw on open-source intelligence from social media to try and guess it. Either way, the result is the same: the hackers are inside.

GCHQ should consider taking a bigger step and recommending that businesses use multi-factor-authentication, which protects accounts with more than just a password. If MFA was used across government and industry, it would not only secure individual organisations but help with the wider mission of protecting the UK and its interests.


See previous articles

    

See next articles


Your podcast Here

New, you can have your Podcast here. Contact us for more information ask:
Marc Brami
Phone: +33 1 40 92 05 55
Mail: ipsimp@free.fr

All new podcasts