
Zappos, Difficult Passwords, and the Future of Security


In a piece for Wired, Robert McMillan lays out our long, conflicted relationship with the password. What started as an easy solution to access our lives online has spiraled out of control. We are now forced to remember more passwords than ever, many containing nonsense symbols and a mix of capital letters and numerals. What’s more, security safeguards just don’t cut it anymore. Passwords are often the weakest link in a network, and hackers exploit them regularly.

“Passwords have given websites a cheap and relatively secure way to quickly sign up millions of users, but the computer industry needs to treat them with a little more respect,” writes McMillan.

Passwords may not be going away, but users should have, AT MOST, one to remember. And that password shouldn’t be absurd — no minimum and maximum length, no required special characters, no wingdings, no caps, no numerals. Users should be able, through single sign-on, to easily access all business and personal applications used on a daily basis.

Hackers Attack Zappos, Millions Affected

If you’re one of Zappos’ 24 million users, you likely received CEO Tony Hsieh’s email over the weekend telling you that hackers breached one of the company’s servers, exposing a slew of personal information (email, shipping, and billing addresses; passwords; phone numbers; last four digits of credit cards).

Zappos hasn’t yet released the cause of the breach, but CIO Today, quoting security experts mulling the causes and consequences of the breach, noted that browsers remain a critical weak point. Another company for the timeline …

Security Breach Timeline

 

Source: http://www.okta.com/blog/2012/01/zappos-security-breach-affects-millions-are-passwords-necessary/
