Authentication is more like sushi than vintage art. It’s best when it’s fresh, and aging it only decreases the value. Vintage art appreciates in value over time, but security credentials are perishable products. You may be attached to your username/password because it has a sentimental value, or maybe your password embodies the absolutes of simplicity (“password123”) or complexity (20 character, al least one special character, capital letters, etc.). Hold Security just discovered the Tsukiji fish market of the stolen credentials market – 360 million credentials up for sale. Your password is served fresh on the black market – ready for consumption.
The fact is, your password in its alphanumeric form is a tangible asset. It has value and an expiration date. It can be shared, phished, sold and misused. IT managers make you change it once in awhile, but even then the password has a long enough shelf life and criminals know how to get the new password as well.
Using graphic passwords takes the phish out of the picture. If the password exists only in your visual memory, it is not transferable and failure of encryption does not affect it. Tricerion’s strong mutual authentication technology preserves the value and ownership of security credentials by removing their shareability and dependence on encryption as the core safety feature. Moving away from the traditional alphanumeric format of user passwords will keep a company’s reputation from showing up in the news even before they realize there’s been a breach.