We all know that the current username-and-password system is broken. With Russian hackers reportedly sitting on over a billion passwords, and new breaches hitting the news on a regular basis, it's fair to assume that if hackers don't have your password already, they're about to.
“Most websites and companies require passwords that are at least eight characters long, contain lower and upper case characters, a number, and one or more special characters,” says Vincent Berk, CEO of network security firm FlowTraq.
These kinds of password policies have actually reduced security overall, argues Jacob West, CTO at HP Enterprise Security Products. “We need to bring some sanity back to our password policies,” he says. “A human will never be able to meet these requirements.”
To continue reading this article register now