How to Implement a More Secure Identity Authentication Solution (Part 1)
A staggering fact: Information from data breaches reveals that the most common password in use by consumers today is “123456,” according to The New York Times. This has been cited so many times that one would hope that enterprise businesses would have implemented more levels of password protection to help secure their customers from a brute force attack. Unfortunately, this is not the case. While everyone agrees that using a username and password for online protection is old school, the majority of consumer websites still rely solely on this one security solution.
Patrick Coomans, Sr Identity Strategist, Verizon
A recent security breach revealed that out of 38 million passwords, the most common was “123456,” followed closely by “123456789” and “password.” Those three passwords accounted for 7.12 percent of all passwords; over 11 percent of people actually use one of the same 20 easy passwords. And still, every week we read in the press about data breaches due to easy-to-guess passwords or weak mechanisms.
So why do online business owners knowingly choose not to implement rules that at least block the use of those top 20 or top 100 most used passwords?
It comes down to a combination of convenience and user laziness, I’m afraid. I think it is safe to estimate that implementing rules that enforce the use of complex passwords would permanently chase away between 5 percent and 10 percent of customers who simply cannot be bothered to invent and remember anything complicated. No website owner wants to turn away customers.
My conclusion is that the secret to mass adoption of a more secure authentication method is, quite simply, that it must be easier than typing in a username and “123456.” The user interaction must be minimal and be based on something most people have with them all the time and care about.
So what are the alternatives to username + password and why haven't they been adopted en masse already? In my next article, I’ll outline the various types of authentication available today, their pros and cons and Verizon’s view of the future of online security.