Disco may be dead. The flip phone may be dead. Urban myth holds that, played backwards, a popular Beatles song says that Paul is dead.
But despite claims that “passwords are dead,” this method of authentication remains widely used across the financial industry and consumer-oriented websites, says Javelin Strategy and Research.
Nevertheless, vulnerabilities such as password reuse, targeted malware, data breaches, and social engineering continue to contribute to the rising rates of identity fraud.
Passwords face major security challenges. Half are criminal in origin and the other half are due to consumers’ poor password practices. Consumers with more than 20 online accounts experience identity fraud at a 37% higher rate than the average consumer because of password reuse.
Perils of reusing passwords
Criminals depend on password reuse to render credentials from seemingly nonsensitive accounts into something far more valuable. With breached credentials in hand, cybercriminals use software that automatically tests the validity of compromised credentials at hundreds of online sites.
Javelin recommends a formula for consumers to develop passwords that are easy to remember yet tougher for fraudsters. [Check out this video: “Javelin presents Cipher to create unique, strong passwords.”]
“While many anticipate a future free of passwords, a balanced approach to improving security while preserving the experience of accountholders is critical,” says Al Pascual, director of Fraud and Security for Javelin Strategy and Research. “Financial institutions need to strengthen their password policies in order to stymie fraudsters, but that is not enough. Poor user habits are the other half of the password-security problem. Accountholders should be empowered with practical advice to securely create and manage their passwords.”