Microsoft Researchers Claim Using Passwords Is A Futile Effort To Keep Information Safe

Passwords remain the Achilles Heel of any technological security these days. Despite campaigns to warn consumers about the risk of rehashing passwords, the message is not getting through yet. Moreover, making passwords stronger may be wasted effort to begin with, if Microsoft Research is to be believed. They claim a stronger password has no impact on security whatsoever.

Is There A Point In Using Stronger Passwords?

The new whitepaper released by Microsoft Research staffers paints a very unusual picture for passwords. Although they agree that strengthening passwords is a potential temporary measure to improve security, they also warn that it has little to no effect in the long run. Certain industry standards prevent the usage of stronger passwords to be a full-time solution.

For example, harder to crack passwords need to sustain roughly 1 million guesses to be deemed secure. If an attacker were to crack passwords offline, however, that password would need to be able to sustain several trillions of trillions of guesses. In other words, it is impossible to guarantee that type of security by any means.

Unfortunately, the vast majority of passwords

sit somewhere in between those two thresholds. This makes them able to resist most online attacks, while being easy prey for offline cracking. Strengthening passwords that sit between these two ranges is ultimately futile, even though it may buy users some time before it is eventually cracked.



Related Post

Another factor holding back password “security,” as most people envision it, is the point at which an attacker gives up on cracking individual passwords. If a hacker has managed to infiltrate an enterprise network already, personal accounts have far less value at that time. All it takes is one credential to access the network, and after that it is virtually game over for the company.

This paints a worrisome picture in which hackers only need to find one weak password to cause a lot of havoc. Unfortunately, it appears that all the passwords we use and can think of fall into that category, even though some will take longer to break. But unless everyone in the ecosystem uses longer and more complicated passwords, it is only a matter of time until assailants discover the weakest link to exploit.

So what can be done about this uneasy situation? Two-factor authentication is an additional layer of security that should be enabled by default. Storing passwords correctly can help, although it appears that decentralized solutions will be needed to achieve that goal. Eventually, it seems inevitable that passwords will be replaced by completely different kinds of security measures, although it is anybody’s guess as to what the future may hold.

If you liked this article, follow us on Twitter @themerklenews and make sure to subscribe to our newsletter to receive the latest bitcoin, cryptocurrency, and technology news.

JP Buntinx

JP Buntinx is a FinTech and Bitcoin enthusiast living in Belgium. His passion for finance and technology made him one of the world's leading freelance Bitcoin writers, and he aims to achieve the same level of respect in the FinTech sector.

Share
Published by
JP Buntinx

Recent Posts

Qubetics Presale Skyrockets to $7.5M as XRP and Arbitrum Lead Best Altcoins for Exponential Returns

The crypto market is always evolving, with big names like Bitcoin and Ethereum leading the…

15 mins ago

Over 300K Users Actively Mine Crypto On BlockDAG’s X1 Miner App While BNB Bulls Eye $3K; What’s XRP’s Price Target?

The crypto market is ablaze with excitement as altcoins like XRP and BNB make major…

31 mins ago

Best Crypto Presale To Buy Now: Rollblock Delivers For Holders With New License, Record Sign Ups and 7000+ Games

Rollblock is quickly becoming the best crypto presale to buy, delivering unmatched value for its…

4 hours ago

Polkadot And Uniswap Gearing For Post-Christmas Jump As Rollblock Raises $7.4 Million in Presale

While Rollblock's continues its crypto presale, with its value increasing regularly, Polkadot (DOT) and Uniswap…

5 hours ago

IntelMarkets (INTL) Receives Massive Demand From Chainlink And SUI Investors Looking To Position For The Best Bull Run Gains

As the cryptocurrency market gears up for a bull run, IntelMarkets (INTL) is attracting significant…

5 hours ago

FOMO Selling Trigger $1 Billion Liquidations as LINK & SOL Bleed Heavily; What to Do Next?

In the past, Chainlink (LINK) and Solana (SOL) have been among the most discussed altcoins…

10 hours ago