Cybersecurity and False Sense of Security
Debesh Choudhury, PhD
Information Security Researcher, Academician, Entrepreneur | Password & Cybersecurity, Digital Identity, Biometrics Limit, 3D Education | Linux Trainer | Writer | Podcast Host
Cybersecurity is a super hot topic. There are innumerable cybersecurity solutions in the market and many cybersecurity experts in the online space. The longer the advice, the better the users feel safe from cyber-attacks! But, I feel lost if the advice is too long and complex.
In this article, I would like to reinforce a few simple yet salient points regarding accessing our online accounts using usernames and passwords.
Passwords are indispensable to survive in our everyday activities on the Internet.
There is a popular report propagated on Twitter about how safe our passwords are. There is truth in the report based on computational testing of passwords in the lab.
Password managers are vulnerable and increase cyber threats.
Most Internet users get panicked after they see this report. Because everybody has to enter passwords to access their online accounts. The most probable solution to this problem is a password manager that can manage many complex passwords for online accounts.
Biometrics can lower security instead of improving it.
I worked on biometrics research for quite several years during my early career as a scientist in a defense research lab and as an academician at a university. Lately, I discovered the flaws in biometrics and found that biometrics recognition technology can lower security instead of improving it.
Thus, another false sense of security is to use biometrics that lowers security instead of improving it!
Passwordless is a convenience that can compromise security.
One can now see another popular keyword in the domain of authentication. It is called passwordless, i.e., the accounts always remain logged in on devices like smartphones.
Therefore, another false sense of security is to trust the passwordless convenience proposed by big tech corporations.
领英推荐
Concluding thoughts
Cybersecurity companies promote password managers, biometrics, and passwordless convenience. But, all these security applications serve only a false sense of security.
(1) A false sense of security is to use password managers. If the master password of a password manager is compromised, all online accounts are lost forever.?https://lnkd.in/d9sjPfzD
(2) Another false sense of security is to use biometrics recognition technology that lowers security instead of improving it!?https://lnkd.in/dG_fhcC5
(3) Another false sense of security is to trust the big tech corporations' passwordless convenience. It is hype to cheat the global citizens.?https://lnkd.in/dq8NAJGC
Can these security solutions improve your cybersecurity, and safeguard your online accounts, or do they serve only a false sense of security?
What is your view about these password security products?
------------
About me
I am a researcher and contribute to the overlapping areas of STEAM (Science, Technology, Engineering, Arts, and Mathematics). I develop cybersecurity and information security solutions, specifically graphical authentication security.
Text Copyright ? 2022 Debesh Choudhury — All Rights Reserved.
Cheers!
Cover:?Image by?Achin Verma?from?Pixabay.
All other images are either drawn/created by myself or credited to the respective artists/sources.
Disclaimer: All texts are mine and original. Any similarity and resemblance to any other content are purely accidental. The article is not advice for life, career, or business. Do your own research before adopting options.
Kolkata, Tuesday, November 29, 2022.
Sr. Full Stack Java Spring Database / Typescript Angular Software Developer
2 年Another thing I would add to the list of unhelpful security things is push notifications, at least in the current form they are implemented. Attackers have discovered that if they bombard the user at 3 am with push notifications, there's a decent chance they authorize to make it stop. A simple fix is if the user says "no" to a push notification, suspend push notifications. Fall back to code entry. After a successful login, resume push notifications.
Sr. Full Stack Java Spring Database / Typescript Angular Software Developer
2 年A poorly used password manager decreases security. Few people have the mental gymnastics to remember dozens of strong password. So they inevitably reuse passwords. Once one of their accounts are compromised, all of them that reuse that password are. A properly used password manager increases security. Each account has a different and strong password. A compromise of one account doesn't cause all of them to be compromised.
Advocate of Identity Assurance by Citizens' Volition and Memory. Founder and Chief Architect at Mnemonic Identity Solutions Limited
2 年Debesh Choudhury, PhD I am very pleased to see you take up the issue of False Sense of Security as a main theme. Well, there are two types of false sense of security - (A) People are not safer and yet people feel safer (B) People are actually less safe and yet people feel safer Obviously (B) is far more devastating than (A.) The already weak identity security is being further weakened from within. This is what we have been talking about "passwordless" and "biometrics" schemes as per “Raising ‘misguided’ cybersecurity awareness is good only for bad guys?https://lnkd.in/e57qhv8h With EU being the focus of the global cybersecurity in view of the serious threats from Russia, ENISA (The European Union Agency for Cybersecurity) is expected to do the needful to sort out this chaotic and perilous situation as soon as possible -?https://lnkd.in/ghkKqbJH
System Analyst
2 年Excellent information. Change that is not different is two problems. A microchip embedded in a hand will result in amputation What is the replacement ?