How Blockchain Can Make Passwords Obsolete

How Blockchain Can Make Passwords Obsolete

How Blockchain can keep passwords safe.

It feels like almost every day there is another data breach making the headlines. From banking to talking with friends, the average person spends more than ten hours online every day. However, most of the sites or online resources we use daily—from Facebook to Gmail—are secured using a ordinary password.

Most security breaches happen because of some sort of human weakness. A password may be too effortless to guess, as studies demonstrate that Ten,000 of the most common passwords, such as one hundred twenty three thousand four hundred fifty six or qwerty, can access ninety eight percent of all accounts.

Other points of failure originate from people leaving their browsers open on public computers, writing passwords down on paper or in a file on their computers or simply getting tricked into providing away their login data.

Albeit we know what safe passwords should be, we tend to disregard this skill in favor of using easy-to-remember passwords because the fear of leaving behind is stronger than the fear of being hacked.

Data breaches making the headlines

Since the very first usage of a password in one thousand nine hundred sixty one by the Massachusetts Institute of Technology, authentication systems have come a long way. Today, modern computers use a form of hashing referred to as “salting.” However, because many passwords are overly ordinary and because many systems permit a user to guess numerous times, password-based systems remain vulnerable to hacking.

In 2011, hackers stole seventy seven mln Sony PlayStation Network passwords. In 2012, 400,000 Yahoo! email addresses were hacked. Apple's iCloud was also vulnerable to password hacks, which led to the infamous celebrity photo hacking of 2014. During the same year, five mln Gmail passwords were hacked and released online. These are only selected examples from the gigantic list of the world’s largest data breaches, which are displayed in a visualization here.

Password managers can fail too

It is this context that boosted the popularity of password managers like LastPass or 1Password, which free users from ever having to reminisce their passwords. These managers can also generate strong random passwords for each online account.

However, the problem with using a Web-based third party to store passwords is that they can get hacked too, as it was the case for LastPass in 2015. The platform experienced a data breach that exposed users' email addresses, encrypted passwords and password reminder hints.

As we explained in a previous article, “LastPass certainly took many security precautions, and some of them worked. For example, LastPass never had access to customers' master passwords in cleartext. But they did store other information about users in cleartext, and it's this compromised information that can be used to guess powerless master passwords.”

Obsolete usernames and passwords

The cryptocurrency world has been relatively quick on the uptake of passwordless Web logins. It began when Satoshi Labs suggested users Trezor Connect, which permits to log in to participating websites simply by plugging in a hardware wallet.

The cryptocurrency community also showcased good excitement recently at the world's very first Secure Quick Reliable Login (SQRL) that utilizes QR codes and the public-key cryptography behind Bitcoin to achieve passwordless logins.

These two developments alone prove that usernames and passwords are far from necessary in achieving secure client-server relationships online.

Blockchain to the rescue

A larger problem is the centralized architecture of the database storing logins and passwords on a server. Which means, if it’s been hacked, all data can be accessed at once. Unluckily, even Two Factor Authentication (2FA) has been proven to be penetrable through social engineering.

REMME is a startup seeking to make passwords obsolete, thus eliminating the human factor from the authentication process, and therefore preventing such attacks from ever happening. REMME claims that by solving the problem of central servers that can be hacked, malicious attacks such as phishing, server and password breach, and password reuse will become worthless.

Instead of a password, REMME gives each device a specific SSL certificate. The certificate data is managed on the Blockchain, so a fake certificate will never work. By using this method, the startup got rid of the authentication server and password database. As a consequence, hackers have no potential central server target, which means no feeble point. REMME claims “100 percent protection against common attacks.”

This will only require a quick installation, which according to the company, will permit “potential clients to save costs on integration.” The startup further provides 2FA for an extra security level, with apps users already have installed and trust, as well as corporate mobile applications.

The purpose of this system is to build a distributed Public Key Infrastructure (PKI) management on top of the x.509 standard using Blockchain. This set of policies has the potential to help many segments address the problem of security failings, from which REMME is focusing on IoT, financial infrastructure, MedTech and Blockchain companies.

Can innovative processes like this take off? At the end of the day, it will all come down to how many data breaches consumers are willing to put up with.

How Blockchain Can Make Passwords Obsolete

How Blockchain Can Make Passwords Obsolete

How Blockchain can keep passwords safe.

It feels like almost every day there is another data breach making the headlines. From banking to talking with friends, the average person spends more than ten hours online every day. However, most of the sites or online resources we use daily—from Facebook to Gmail—are secured using a ordinary password.

Most security breaches happen because of some sort of human weakness. A password may be too effortless to guess, as studies showcase that Ten,000 of the most common passwords, such as one hundred twenty three thousand four hundred fifty six or qwerty, can access ninety eight percent of all accounts.

Other points of failure originate from people leaving their browsers open on public computers, writing passwords down on paper or in a file on their computers or simply getting tricked into providing away their login data.

Albeit we know what safe passwords should be, we tend to overlook this skill in favor of using easy-to-remember passwords because the fear of leaving behind is stronger than the fear of being hacked.

Data breaches making the headlines

Since the very first usage of a password in one thousand nine hundred sixty one by the Massachusetts Institute of Technology, authentication systems have come a long way. Today, modern computers use a form of hashing referred to as “salting.” However, because many passwords are overly plain and because many systems permit a user to guess numerous times, password-based systems remain vulnerable to hacking.

In 2011, hackers stole seventy seven mln Sony PlayStation Network passwords. In 2012, 400,000 Yahoo! email addresses were hacked. Apple's iCloud was also vulnerable to password hacks, which led to the infamous celebrity photo hacking of 2014. During the same year, five mln Gmail passwords were hacked and released online. These are only selected examples from the ample list of the world’s thickest data breaches, which are displayed in a visualization here.

Password managers can fail too

It is this context that boosted the popularity of password managers like LastPass or 1Password, which free users from ever having to reminisce their passwords. These managers can also generate strong random passwords for each online account.

However, the problem with using a Web-based third party to store passwords is that they can get hacked too, as it was the case for LastPass in 2015. The platform experienced a data breach that exposed users' email addresses, encrypted passwords and password reminder hints.

As we explained in a previous article, “LastPass certainly took many security precautions, and some of them worked. For example, LastPass never had access to customers' master passwords in cleartext. But they did store other information about users in cleartext, and it's this compromised information that can be used to guess feeble master passwords.”

Obsolete usernames and passwords

The cryptocurrency world has been relatively quick on the uptake of passwordless Web logins. It began when Satoshi Labs suggested users Trezor Connect, which permits to log in to participating websites simply by plugging in a hardware wallet.

The cryptocurrency community also demonstrated excellent excitement recently at the world's very first Secure Quick Reliable Login (SQRL) that utilizes QR codes and the public-key cryptography behind Bitcoin to achieve passwordless logins.

These two developments alone prove that usernames and passwords are far from necessary in achieving secure client-server relationships online.

Blockchain to the rescue

A larger problem is the centralized architecture of the database storing logins and passwords on a server. Which means, if it’s been hacked, all data can be accessed at once. Unluckily, even Two Factor Authentication (2FA) has been proven to be penetrable through social engineering.

REMME is a startup seeking to make passwords obsolete, thus eliminating the human factor from the authentication process, and therefore preventing such attacks from ever happening. REMME claims that by solving the problem of central servers that can be hacked, malicious attacks such as phishing, server and password breach, and password reuse will become futile.

Instead of a password, REMME gives each device a specific SSL certificate. The certificate data is managed on the Blockchain, so a fake certificate will never work. By using this method, the startup got rid of the authentication server and password database. As a consequence, hackers have no potential central server target, which means no feeble point. REMME claims “100 percent protection against common attacks.”

This will only require a quick installation, which according to the company, will permit “potential clients to save costs on integration.” The startup further provides 2FA for an extra security level, with apps users already have installed and trust, as well as corporate mobile applications.

The objective of this system is to build a distributed Public Key Infrastructure (PKI) management on top of the x.509 standard using Blockchain. This set of policies has the potential to help many segments address the problem of security failings, from which REMME is focusing on IoT, financial infrastructure, MedTech and Blockchain companies.

Can innovative processes like this take off? At the end of the day, it will all come down to how many data breaches consumers are willing to put up with.

How Blockchain Can Make Passwords Obsolete

How Blockchain Can Make Passwords Obsolete

How Blockchain can keep passwords safe.

It feels like almost every day there is another data breach making the headlines. From banking to talking with friends, the average person spends more than ten hours online every day. However, most of the sites or online resources we use daily—from Facebook to Gmail—are secured using a ordinary password.

Most security breaches happen because of some sort of human weakness. A password may be too effortless to guess, as studies display that Ten,000 of the most common passwords, such as one hundred twenty three thousand four hundred fifty six or qwerty, can access ninety eight percent of all accounts.

Other points of failure originate from people leaving their browsers open on public computers, writing passwords down on paper or in a file on their computers or simply getting tricked into providing away their login data.

Albeit we know what safe passwords should be, we tend to disregard this skill in favor of using easy-to-remember passwords because the fear of leaving behind is stronger than the fear of being hacked.

Data breaches making the headlines

Since the very first usage of a password in one thousand nine hundred sixty one by the Massachusetts Institute of Technology, authentication systems have come a long way. Today, modern computers use a form of hashing referred to as “salting.” However, because many passwords are overly elementary and because many systems permit a user to guess numerous times, password-based systems remain vulnerable to hacking.

In 2011, hackers stole seventy seven mln Sony PlayStation Network passwords. In 2012, 400,000 Yahoo! email addresses were hacked. Apple's iCloud was also vulnerable to password hacks, which led to the infamous celebrity photo hacking of 2014. During the same year, five mln Gmail passwords were hacked and released online. These are only selected examples from the hefty list of the world’s fattest data breaches, which are displayed in a visualization here.

Password managers can fail too

It is this context that boosted the popularity of password managers like LastPass or 1Password, which free users from ever having to reminisce their passwords. These managers can also generate strong random passwords for each online account.

However, the problem with using a Web-based third party to store passwords is that they can get hacked too, as it was the case for LastPass in 2015. The platform experienced a data breach that exposed users' email addresses, encrypted passwords and password reminder hints.

As we explained in a previous article, “LastPass certainly took many security precautions, and some of them worked. For example, LastPass never had access to customers' master passwords in cleartext. But they did store other information about users in cleartext, and it's this compromised information that can be used to guess feeble master passwords.”

Obsolete usernames and passwords

The cryptocurrency world has been relatively quick on the uptake of passwordless Web logins. It began when Satoshi Labs suggested users Trezor Connect, which permits to log in to participating websites simply by plugging in a hardware wallet.

The cryptocurrency community also displayed fine excitement recently at the world's very first Secure Quick Reliable Login (SQRL) that utilizes QR codes and the public-key cryptography behind Bitcoin to achieve passwordless logins.

These two developments alone prove that usernames and passwords are far from necessary in achieving secure client-server relationships online.

Blockchain to the rescue

A larger problem is the centralized architecture of the database storing logins and passwords on a server. Which means, if it’s been hacked, all data can be accessed at once. Unluckily, even Two Factor Authentication (2FA) has been proven to be penetrable through social engineering.

REMME is a startup seeking to make passwords obsolete, thus eliminating the human factor from the authentication process, and therefore preventing such attacks from ever happening. REMME claims that by solving the problem of central servers that can be hacked, malicious attacks such as phishing, server and password breach, and password reuse will become futile.

Instead of a password, REMME gives each device a specific SSL certificate. The certificate data is managed on the Blockchain, so a fake certificate will never work. By using this method, the startup got rid of the authentication server and password database. As a consequence, hackers have no potential central server target, which means no powerless point. REMME claims “100 percent protection against common attacks.”

This will only require a quick installation, which according to the company, will permit “potential clients to save costs on integration.” The startup further provides 2FA for an extra security level, with apps users already have installed and trust, as well as corporate mobile applications.

The aim of this system is to build a distributed Public Key Infrastructure (PKI) management on top of the x.509 standard using Blockchain. This set of policies has the potential to help many segments address the problem of security failings, from which REMME is focusing on IoT, financial infrastructure, MedTech and Blockchain companies.

Can innovative processes like this take off? At the end of the day, it will all come down to how many data breaches consumers are willing to put up with.

How Blockchain Can Make Passwords Obsolete

How Blockchain Can Make Passwords Obsolete

How Blockchain can keep passwords safe.

It feels like almost every day there is another data breach making the headlines. From banking to talking with friends, the average person spends more than ten hours online every day. However, most of the sites or online resources we use daily—from Facebook to Gmail—are secured using a elementary password.

Most security breaches happen because of some sort of human weakness. A password may be too effortless to guess, as studies display that Ten,000 of the most common passwords, such as one hundred twenty three thousand four hundred fifty six or qwerty, can access ninety eight percent of all accounts.

Other points of failure originate from people leaving their browsers open on public computers, writing passwords down on paper or in a file on their computers or simply getting tricked into providing away their login data.

Albeit we know what safe passwords should be, we tend to disregard this skill in favor of using easy-to-remember passwords because the fear of leaving behind is stronger than the fear of being hacked.

Data breaches making the headlines

Since the very first usage of a password in one thousand nine hundred sixty one by the Massachusetts Institute of Technology, authentication systems have come a long way. Today, modern computers use a form of hashing referred to as “salting.” However, because many passwords are overly ordinary and because many systems permit a user to guess numerous times, password-based systems remain vulnerable to hacking.

In 2011, hackers stole seventy seven mln Sony PlayStation Network passwords. In 2012, 400,000 Yahoo! email addresses were hacked. Apple's iCloud was also vulnerable to password hacks, which led to the infamous celebrity photo hacking of 2014. During the same year, five mln Gmail passwords were hacked and released online. These are only selected examples from the thick list of the world’s thickest data breaches, which are displayed in a visualization here.

Password managers can fail too

It is this context that boosted the popularity of password managers like LastPass or 1Password, which free users from ever having to recall their passwords. These managers can also generate strong random passwords for each online account.

However, the problem with using a Web-based third party to store passwords is that they can get hacked too, as it was the case for LastPass in 2015. The platform experienced a data breach that exposed users' email addresses, encrypted passwords and password reminder hints.

As we explained in a previous article, “LastPass certainly took many security precautions, and some of them worked. For example, LastPass never had access to customers' master passwords in cleartext. But they did store other information about users in cleartext, and it's this compromised information that can be used to guess feeble master passwords.”

Obsolete usernames and passwords

The cryptocurrency world has been relatively quick on the uptake of passwordless Web logins. It began when Satoshi Labs suggested users Trezor Connect, which permits to log in to participating websites simply by plugging in a hardware wallet.

The cryptocurrency community also displayed excellent excitement recently at the world's very first Secure Quick Reliable Login (SQRL) that utilizes QR codes and the public-key cryptography behind Bitcoin to achieve passwordless logins.

These two developments alone prove that usernames and passwords are far from necessary in achieving secure client-server relationships online.

Blockchain to the rescue

A larger problem is the centralized architecture of the database storing logins and passwords on a server. Which means, if it’s been hacked, all data can be accessed at once. Unluckily, even Two Factor Authentication (2FA) has been proven to be penetrable through social engineering.

REMME is a startup seeking to make passwords obsolete, thus eliminating the human factor from the authentication process, and therefore preventing such attacks from ever happening. REMME claims that by solving the problem of central servers that can be hacked, malicious attacks such as phishing, server and password breach, and password reuse will become futile.

Instead of a password, REMME gives each device a specific SSL certificate. The certificate data is managed on the Blockchain, so a fake certificate will never work. By using this method, the startup got rid of the authentication server and password database. As a consequence, hackers have no potential central server target, which means no powerless point. REMME claims “100 percent protection against common attacks.”

This will only require a quick installation, which according to the company, will permit “potential clients to save costs on integration.” The startup further provides 2FA for an extra security level, with apps users already have installed and trust, as well as corporate mobile applications.

The objective of this system is to build a distributed Public Key Infrastructure (PKI) management on top of the x.509 standard using Blockchain. This set of policies has the potential to help many segments address the problem of security failings, from which REMME is focusing on IoT, financial infrastructure, MedTech and Blockchain companies.

Can innovative processes like this take off? At the end of the day, it will all come down to how many data breaches consumers are willing to put up with.

How Blockchain Can Make Passwords Obsolete

How Blockchain Can Make Passwords Obsolete

How Blockchain can keep passwords safe.

It feels like almost every day there is another data breach making the headlines. From banking to talking with friends, the average person spends more than ten hours online every day. However, most of the sites or online resources we use daily—from Facebook to Gmail—are secured using a ordinary password.

Most security breaches happen because of some sort of human weakness. A password may be too effortless to guess, as studies demonstrate that Ten,000 of the most common passwords, such as one hundred twenty three thousand four hundred fifty six or qwerty, can access ninety eight percent of all accounts.

Other points of failure originate from people leaving their browsers open on public computers, writing passwords down on paper or in a file on their computers or simply getting tricked into providing away their login data.

Albeit we know what safe passwords should be, we tend to overlook this skill in favor of using easy-to-remember passwords because the fear of leaving behind is stronger than the fear of being hacked.

Data breaches making the headlines

Since the very first usage of a password in one thousand nine hundred sixty one by the Massachusetts Institute of Technology, authentication systems have come a long way. Today, modern computers use a form of hashing referred to as “salting.” However, because many passwords are overly plain and because many systems permit a user to guess numerous times, password-based systems remain vulnerable to hacking.

In 2011, hackers stole seventy seven mln Sony PlayStation Network passwords. In 2012, 400,000 Yahoo! email addresses were hacked. Apple's iCloud was also vulnerable to password hacks, which led to the infamous celebrity photo hacking of 2014. During the same year, five mln Gmail passwords were hacked and released online. These are only selected examples from the ample list of the world’s fattest data breaches, which are displayed in a visualization here.

Password managers can fail too

It is this context that boosted the popularity of password managers like LastPass or 1Password, which free users from ever having to recall their passwords. These managers can also generate strong random passwords for each online account.

However, the problem with using a Web-based third party to store passwords is that they can get hacked too, as it was the case for LastPass in 2015. The platform experienced a data breach that exposed users' email addresses, encrypted passwords and password reminder hints.

As we explained in a previous article, “LastPass certainly took many security precautions, and some of them worked. For example, LastPass never had access to customers' master passwords in cleartext. But they did store other information about users in cleartext, and it's this compromised information that can be used to guess powerless master passwords.”

Obsolete usernames and passwords

The cryptocurrency world has been relatively quick on the uptake of passwordless Web logins. It began when Satoshi Labs suggested users Trezor Connect, which permits to log in to participating websites simply by plugging in a hardware wallet.

The cryptocurrency community also demonstrated fine excitement recently at the world's very first Secure Quick Reliable Login (SQRL) that utilizes QR codes and the public-key cryptography behind Bitcoin to achieve passwordless logins.

These two developments alone prove that usernames and passwords are far from necessary in achieving secure client-server relationships online.

Blockchain to the rescue

A larger problem is the centralized architecture of the database storing logins and passwords on a server. Which means, if it’s been hacked, all data can be accessed at once. Unluckily, even Two Factor Authentication (2FA) has been proven to be penetrable through social engineering.

REMME is a startup seeking to make passwords obsolete, thus eliminating the human factor from the authentication process, and therefore preventing such attacks from ever happening. REMME claims that by solving the problem of central servers that can be hacked, malicious attacks such as phishing, server and password breach, and password reuse will become futile.

Instead of a password, REMME gives each device a specific SSL certificate. The certificate data is managed on the Blockchain, so a fake certificate will never work. By using this method, the startup got rid of the authentication server and password database. As a consequence, hackers have no potential central server target, which means no feeble point. REMME claims “100 percent protection against common attacks.”

This will only require a quick installation, which according to the company, will permit “potential clients to save costs on integration.” The startup further provides 2FA for an extra security level, with apps users already have installed and trust, as well as corporate mobile applications.

The objective of this system is to build a distributed Public Key Infrastructure (PKI) management on top of the x.509 standard using Blockchain. This set of policies has the potential to help many segments address the problem of security failings, from which REMME is focusing on IoT, financial infrastructure, MedTech and Blockchain companies.

Can innovative processes like this take off? At the end of the day, it will all come down to how many data breaches consumers are willing to put up with.

Related video:

You may also like...

Leave a Reply

Your email address will not be published. Required fields are marked *