As reported by Verizon in their 2022 Data Breach Investigations Report, 81% of hacking-related data breaches can be attributed to weak or stolen credentials (see [1]). Even government organizations with strong cyber security requirements have problems with passwords (see [2]). Investigators discovered several main reasons why people use weak or reused passwords. The first is that some people find the recommended official cyber security procedures hard to follow in everyday life, so they try to simplify the process, which leads to weak or reused passwords. The second is stress and a lack of time to correctly follow all the required procedures. The third is laziness on the part of some people. The fourth is the password fatigue problem (see [3]).
Data breaches in small businesses are on the rise. 61% of SMBs experienced at least one cyber attack in the past year, and 40% endured eight or more hours of downtime as a result (see [4]).
Even cyber security companies have a weak-password problem (see [5]).
According to Inc. Magazine, experts estimate that 100 passwords get stolen every second, around 8 million per day. In reality, it can be even worse (see [6]).
A typical cyber attack proceeds as follows:
Step 1. Using brute-force attacks, dictionary attacks, or more advanced methods, hackers find weak or compromised passwords of targeted users.
Step 2. The hackers then test all accounts of those users to find which accounts can be accessed with the compromised passwords.
Step 3. Using the compromised accounts and passwords, the hackers steal all valuable data, information, assets, etc.
Step 4. If the hackers want a ransom, they install malware on the compromised computers using the compromised credentials and/or vulnerabilities in hardware/software systems.
Step 5. If the hackers fail at steps 3 and 4, they sell the compromised credentials on black markets or the dark web.
Investigators also discovered a very troubling fact: even after a data breach, some organizations, businesses, and individuals continue to use the practices and procedures that failed to prevent the breach.
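The guessing in Step 1, and a successful login that follows it, leave a recognisable trace in authentication logs. The following is an added example, not part of the original article, that flags those traces in constructed log lines; the log format, thresholds, alert names and function names are assumptions.

```python
import re
from collections import defaultdict
from datetime import datetime

# Constructed sample log; the line format is an assumption, not a real product's.
SAMPLE_LOG = """\
2024-05-01T10:00:00 src=203.0.113.7 user=alice result=FAIL
2024-05-01T10:00:10 src=203.0.113.7 user=alice result=FAIL
2024-05-01T10:00:20 src=203.0.113.7 user=alice result=FAIL
2024-05-01T10:00:30 src=203.0.113.7 user=alice result=FAIL
2024-05-01T10:00:40 src=203.0.113.7 user=alice result=FAIL
2024-05-01T10:00:50 src=203.0.113.7 user=alice result=OK
2024-05-01T10:01:00 src=198.51.100.9 user=bob result=FAIL
2024-05-01T10:01:05 src=198.51.100.9 user=carol result=FAIL
2024-05-01T10:01:10 src=198.51.100.9 user=dave result=FAIL
2024-05-01T10:02:00 src=192.0.2.4 user=erin result=FAIL
2024-05-01T10:02:10 src=192.0.2.4 user=erin result=OK
"""

LINE_RE = re.compile(r"^(\S+) src=(\S+) user=(\S+) result=(FAIL|OK)$", re.M)

def parse(log):
    """Yield (epoch, src, user, result) for every well-formed line."""
    for m in LINE_RE.finditer(log):
        ts, src, user, result = m.groups()
        yield datetime.fromisoformat(ts).timestamp(), src, user, result

def detect(log, window=300, max_fails=5, max_users=3):
    """Return sorted (alert, src, user) tuples; thresholds are illustrative."""
    fails = defaultdict(list)  # (src, user) -> recent failure timestamps
    seen = defaultdict(list)   # src -> recent (timestamp, user) failures
    alerts = set()
    for ts, src, user, result in sorted(parse(log)):
        recent = [t for t in fails[(src, user)] if ts - t <= window]
        if result == "FAIL":
            recent.append(ts)
            seen[src] = [(t, u) for t, u in seen[src] if ts - t <= window]
            seen[src].append((ts, user))
            if len(recent) >= max_fails:  # many guesses at one account
                alerts.add(("brute_force", src, user))
            if len({u for _, u in seen[src]}) >= max_users:  # one source, many accounts
                alerts.add(("multi_account_guessing", src, "*"))
        elif len(recent) >= max_fails:  # login succeeded right after a burst of failures
            alerts.add(("success_after_failures", src, user))
        fails[(src, user)] = recent
    return sorted(alerts)

if __name__ == "__main__":
    print(*detect(SAMPLE_LOG), sep="\n")
```

A single mistyped password followed by a correct one (the `erin` lines) stays below the thresholds and raises no alert.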
As Albert Einstein stated: “The definition of insanity is doing the same thing over and over again and expecting different results.”
A simple workable solution to this problem is to give each user a private dynamical passwords generator (DPG), which generates 100 super strong (and unique) passwords for each user.
DPGs provide simple and secure password generation and management for lazy, busy, and/or non-tech-savvy people.
No logins.
No software installations, synchronizations, updating, upgrading, etc.
No master passwords.
Not saved in any place.
With a single click generate 100 super strong different passwords for 100 online accounts.
An ability to create unhackable passwords (see https://www.publish0x.com/simple-solutions-to-complex-problems/a-simple-way-to-create-unhackable-passwords-xeenglp?a=pnelxGQjeK).
An ability to create multi-factor authentication (MFA; see https://www.publish0x.com/simple-solutions-to-complex-problems/a-simple-way-to-create-multi-factor-authentication-with-dyna-xgjeplq?a=pnelxGQjeK).
An ability to convert easy-to-remember information (for example, name, birthday, etc.) into 100 super strong different passwords for 100 accounts.
Ready for the era of quantum computers.
For a single key, generate a unique sequence of different strong passwords, which can be changed even on a daily basis.
Accessible from any device connected to the internet via a web browser.
For businesses and organizations, DPGs help solve the following problems:
-increase cyber security;
-strengthen data protection/privacy;
-reduce password fatigue;
-reduce credential stuffing risk;
-mitigate the password reuse problem;
-mitigate the password spraying problem;
-reduce costs (the average cost of traditional password managers is $36/year per user. A private DPG costs $19/year per user, which reduces costs by over 45%).
Anyone can learn, try, and use dynamical passwords with this free public DPG: https://dynpass.online
References:
[1] https://securemystuffnow.com/scary-password-statistics-in-2023/
https://www.keepersecurity.com/blog/2022/09/14/why-is-password-security-important/
[3] https://biztechmagazine.com/article/2023/02/password-fatigue-real-heres-what-businesses-need-know
[4] https://www.electric.ai/blog/recent-big-company-data-breaches
[6] https://windowsreport.com/how-many-passwords-are-hacked-every-day/
[7] Password-hacking attacks are on the rise
[8] A security researcher easily found my passwords