Story image

Celeb nude photos prove passwords are passé...

25 Sep 14

The 4Chan nude celebrity photo hack reveals password protection has passed its use-by date warns Derek Morwood, Regional Manager of unified identity management leader Centrify.

The 4Chan scandal, which broke at the start of the month, saw intimate images of stars including actress Jennifer Lawrence and model Kate Upton posted anonymously on the 4Chan website after allegedly being hacked from online storage services such as iCloud.

Apple protests that its iCloud systems weren’t compromised, suggesting that hackers managed to gain illegal access to the images by figuring out passwords and the answers to personal security questions.

Morwood says the security breach was just the latest proof that passwords were passé. “Passwords no longer provide the protection we need for an online world,” he says.

“The nub of the problem with password-based protection is that a memorable password is easier to hack.

"When we require dozens, if not hundreds, of passwords to protect our identities online, the questionable effectiveness of passwords becomes completely degraded.

“The obvious solution is to get rid of most passwords. We’ve known how to do this for a long time through Identity Management systems.”

Morwood says single sign-on technologies such as SAML, openId or oAuth enabled users to reduce greatly the number of passwords they needed. “Done right, Identity Management really is a no-brainer,” he adds.

“At the heart of Identity Management are services such as Centrify’s IDaaS (Identity-as-a-Service) platform, which provides single sign-on for the cloud through an online authentication infrastructure.

"It’s much simpler to use than relying on multiple rotating passwords and is a much stronger defence for keeping your online identity secure.

“The beauty of IDaaS is its simplicity: For the organisation, it requires no additional infrastructure, no new tools and no extra servers or devices.

"For the individual, it provides high levels of online protection without requiring mnemonic gymnastics.”

During the past two years, Centrify has established itself as a global leader in IDaaS by leveraging more than a decade of Identity Management expertise with enterprise-level Active Directory-based Federated Identity services.

This month’s announcement of an enhanced partnership with Samsung Electronics, embedding Centrify’s IDaaS technology in the Samsung KNOX offering, provides a highly credible validation of that expertise.

52mil users affected by Google+’s second data breach
Google+ APIs will be shut down within the next 90 days, and the consumer platform will be disabled in April 2019 instead of August 2019 as originally planned.
GirlBoss wins 2018 YES Emerging Alumni of the Year Award
The people have spoken – GirlBoss CEO and founder Alexia Hilbertidou has been crowned this year’s Young Enterprise Scheme (YES) Emerging Alumni of the Year.
SingleSource scores R&D grant to explore digital identity over blockchain
Callaghan Innovation has awarded a $318,000 R&D grant to Auckland-based firm SingleSource, a company that applies risk scoring to digital identity.
IDC: Standalone VR headset shipments grow 428.6% in 3Q18
The VR headset market returned to growth in 3Q18 after four consecutive quarters of decline and now makes up 97% of the combined market.
Spark Lab launches free cybersecurity tool for SMBs
Spark Lab has launched a new tool that it hopes will help New Zealand’s small businesses understand their cybersecurity risks.
Preparing for the future of work – growing big ideas from small spaces
We’ve all seen it: our offices are changing from the traditional four walls - to no walls. A need to reduce real estate costs is a key driver, as is enabling a more diverse and agile workforce.
Bluetooth-enabled traps could spell the end for NZ's pests
A Wellington conservation tech company has come up with a way of using Bluetooth to help capture pests like rats and stoats.
CERT NZ highlights rise of unauthorised access incidents
“In one case, the attacker gained access and tracked the business’s emails for at least six months. They gathered extensive knowledge of the business’s billing cycles."