Insecurity outfit SecurEnvoy claims that the recently discovered Windows 7/8 password hints file exposure is another nail in the coffin for passwords. It has been reported how hackers can now gain ready access to the password hints file on Windows 7 and the upcoming Windows 8 platform.
Andy Kemshall, SecurEnvoy technical director said that while the news does not fill me with enthusiasm to rush out and upgrade to Windows 8, but it does encourage me to look more seriously at how he secures his desktop and laptop computer against prying eyes. He said that this is just another example of how the integrity of passwords has become seriously eroded in recent years.
The problem is caused by a security faux pas in the many millions of lines of code that goes to make up an operating system and/or major program suite these days. The fact that it is now possible to brute-force millions of passwords per second passwords are proving that they are often the weakest link.
Kemshall said that if passwords just don’t do the job, then people have to turn to multi-factor authentication to help protect themselves. Unfortunately, as a growing number of users of online banking have discovered in recent years, it’s a real pain having to carry a hardware token around with you all the time, especially when you find that when you really need to check your bank account and you don’t have the token with you, he said.
Of course his company happens to make a token-less system which could help you out a bit.