What opportunities do you see?
Call me back
"*" indicates required fields
Having a smarter password has never been more important, or more complex. Nowadays, you need a dedicated, and preferably ultra-complex, password for every one of your accounts. But surely there’s a more practical way? Management consultant and blockchain specialist Maarten Breimer checks out the options.
As an Internet user there are so many things to take into account when choosing a password. It has to be strong enough that nobody can guess it. And it has to be complex enough so that a computer algorithm will be unable to quickly figure it out. Above all, you need a different password per application, which means you have to think of a lot of different passwords. You also need to ensure that your password hasn’t already been revealed. Passwords are susceptible to trends. In the past, a password mainly had to contain irregular characters. Nowadays, the key attribute is that they are long. Ouch! If we’re not careful, managing your passwords will be a full-time job. Surely there must be a better way?
We’ve all been there: you need to log in; you don’t remember your password; so you click on “Forgotten password”. You then receive a reset link with which you can create a new password. This recovery process immediately highlights an inherent weakness: if you have access to somebody’s e-mail, you automatically have access to all the accounts that are associated with it. Your e-mail is therefore the weak link. How can you avoid this situation? By creating a separate e-mail address solely for password recovery and with a username that is not traceable to you. By doing this you are, in essence, inserting an additional step.
You could use a password manager to store your usernames and passwords. This is an application that encrypts everything and ensures that the appropriate password is conjured up when you need it. All you have to remember is the password of the password manager itself. What you are doing here though is creating a “Single Point of Failure”. In other words, if someone hacks this password he or she will then have access to all your passwords…
If you save passwords on your browser, you will have access to every website and application from the moment you log in. You will be replacing your passwords with the less complex pin code of your device and adding another factor to the authentication process: something in your possession. Microsoft is already convinced and has a preference for a pin code per device, instead of separate passwords. From a technical perspective it is extremely safe, but it’s absolutely crucial that you take good care of your devices – particularly your phone. If your device is stolen or if you lose it, the joke will be on you.
There’s a new trend in websites that require you to have an account. Where they previously required that you have an account to shop with them, more and more web shops are now offering the possibility of placing an order as a guest. Account? No thank you. Just buy, pay, go. Sorted! Unfortunately, there is a downside. What if you need an account to trace your customer history, for example? Not always so handy then!
Bitcoin and other crypto currencies are also susceptible to this problem. After all, you have to be able to verify your rights to that Bitcoin you bought 10 years ago. If you buy a Bitcoin from a “currency exchange desk”, you’ll receive an account and a password. But here too the same problems described in 1 to 4 will apply. If you are hacked, somebody will have access to your “money.” How should you keep that password safe? One option, of course, is to print the details and keep it in a safe. There are even ways to generate your wallet offline. This is possible because every public key (the equivalent of your bank account) is inextricably linked to your private key (your very long pin code). This even works without being connected to the network. So just print it – and stow it away safely!
If you want to know more about our innovative solutions for insurers or about our other implementations, just get in touch.