SlideShare una empresa de Scribd logo

Democracy would be dead where the password is killed

Descargar como DOCX, PDF
Hitoshi Kokumai
Hitoshi Kokumai

Democracy must require the individuals to have the rights not to get their identity authenticated without their knowingly confirming it. This volitional process can be achieved only with "volitional" identity authentication made possible by "memorized secrets", say, passwords and expanded passwords. <reference> Slide: Password Fatigue and Expanded Password System http://www.slideshare.net/HitoshiKokumai/password-fatigue-and-expanded-password-system Article (7-page): Intuitive Password – passwords succeeding passwords https://www.slideshare.net/HitoshiKokumai/intuitive-passwords-passwords-succeeding-passwords

Tecnología
1 de 3
Democracy would be dead where the password is killed Some security people are advocating that the password should be killed dead. I wonder if they are aware of what they mean by what they say. A society where login without users’ volition is allowed would be the society where democracy is dead. It’s a tyrant’s utopia. We know that biometrics, which relies on a fallback password, can by no means be an alternative to the password, that the password is an indispensable factor for multi-factor schemes and that the security of password managers and single-sign-on schemes needs to hinge on the reliability of the password. The password (memorized secret) is absolutely necessary. Don’t let it be killed. Don’t accept any form of passwordless login. < Related Articles > P2 Mix up “Unique” with “Secret” and we would confuse “Identification” with “Authentication” P3 Truth does not matter in infosec? <Reference> Slide: Password Fatigue and Expanded Password System http://www.slideshare.net/HitoshiKokumai/password-fatigue-and-expanded-password-s ystem Article (7-page): Intuitive Password – passwords succeeding passwords https://www.slideshare.net/HitoshiKokumai/intuitive-passwords-passwords-succeeding- passwords
Mix up “Unique” with “Secret” and we would confuse “Identification” with “Authentication” Biometrics follows “unique” features of individuals’ bodies and behaviors. It means that it could be well used when deployed for identification of individuals who may be conscious or unconscious, alive or dead. Due respect could be paid to biometrics in this sphere. Being “unique” is different from being “secret”, however. It would be a misuse of biometrics if deployed for security of the identity authentication of individuals. Confusing “Identification” with “Authentication”, we would be building a sandcastle in which people are trapped in a nefarious false sense of security. However gigantic and grandiose it may look, the sandcastle could melt away altogether when we have a heavy storm. And, the storm will come. The question is not “if”, but just “how soon”. < Related Articles > P2 Truth does not matter in infosec? P3 Democracy would be dead where the password is killed < Videos > Turn off biometrics where security matters (30 seconds) https://youtu.be/7UAgtPtmUbk Biometrics in Cyber Space - "below-one" factor authentication https://youtu.be/wuhB5vxKYlg Six Reasons to Believe Biometrics Don't Ruin Cyber Security https://youtu.be/lODTiO2k8ws Password-free Life - Utopia or Dystopia? (30 seconds) https://youtu.be/UJDBZpX1a0U Password Predicament and Expanded Password System https://youtu.be/-KEE2VdDnY0
Truth does not matter in infosec? Tech media seem busy arguing which biometrics is better than the others. But it is all nonsense from security’s point of view. Instead we should ask why security-lowering measures have been touted as security-enhancing solutions. Because of its inherent characteristics, biometrics depends on a fallback means in case of false rejection. In physical security, it could be handled by personnel in charge other than the user. In cybersecurity, however, it needs to be handled by the user themselves, in most cases by way of a password that the user themselves needs to feed. So long as the biometrics is backed up by a fallback password, irrespective of which are more accurate than the others, its security is lower than that of a password-only authentication as illustrated in this video. https://youtu.be/wuhB5vxKYlg Then, we have to wonder why and how the biometrics has been touted as a security-enhancing tool for so long, with so many security professionals being silent about the fact. There could be various explanations – from agnotology, neuroscience, psychology, sociology, behavioral economics and so on. This phenomenon will perhaps be found to have provided an excitingly rich material for a number of scientists and researchers in those fields. Summary of the video > >

Recomendados

AI, Blockchain, IOT, Evolution or Singularity? Digital Identity And Digital ...
AI, Blockchain, IOT, Evolution or Singularity? Digital Identity And Digital ...AI, Blockchain, IOT, Evolution or Singularity? Digital Identity And Digital ...
AI, Blockchain, IOT, Evolution or Singularity? Digital Identity And Digital ...Dinis Guarda
 
Image-to-Code Converter 31July2023.pptx
Image-to-Code Converter 31July2023.pptxImage-to-Code Converter 31July2023.pptx
Image-to-Code Converter 31July2023.pptxHitoshi Kokumai
 
More Issues on Digital Identity (24Feb2023)
More Issues on Digital Identity (24Feb2023)More Issues on Digital Identity (24Feb2023)
More Issues on Digital Identity (24Feb2023)Hitoshi Kokumai
 
Fend Off Cyberattack with Episodic Memory (24Feb2023)
Fend Off Cyberattack with Episodic Memory (24Feb2023)Fend Off Cyberattack with Episodic Memory (24Feb2023)
Fend Off Cyberattack with Episodic Memory (24Feb2023)Hitoshi Kokumai
 
Slide Share (Updated) - Fend Off Cybercrime with Episodic Memory 29Aug2022
Slide Share (Updated) - Fend Off Cybercrime with Episodic Memory 29Aug2022Slide Share (Updated) - Fend Off Cybercrime with Episodic Memory 29Aug2022
Slide Share (Updated) - Fend Off Cybercrime with Episodic Memory 29Aug2022Hitoshi Kokumai
 
Fend Off Cybercrime with Episodic Memory
Fend Off Cybercrime with Episodic MemoryFend Off Cybercrime with Episodic Memory
Fend Off Cybercrime with Episodic MemoryHitoshi Kokumai
 
Bring healthy second life to legacy password system
Bring healthy second life to legacy password systemBring healthy second life to legacy password system
Bring healthy second life to legacy password systemHitoshi Kokumai
 
Intriguing Evlolution from One to Two and Back to One
Intriguing Evlolution from One to Two and Back to OneIntriguing Evlolution from One to Two and Back to One
Intriguing Evlolution from One to Two and Back to OneHitoshi Kokumai
 

Recomendados

AI, Blockchain, IOT, Evolution or Singularity? Digital Identity And Digital ...
AI, Blockchain, IOT, Evolution or Singularity? Digital Identity And Digital ...AI, Blockchain, IOT, Evolution or Singularity? Digital Identity And Digital ...
AI, Blockchain, IOT, Evolution or Singularity? Digital Identity And Digital ...Dinis Guarda
 
Image-to-Code Converter 31July2023.pptx
Image-to-Code Converter 31July2023.pptxImage-to-Code Converter 31July2023.pptx
Image-to-Code Converter 31July2023.pptxHitoshi Kokumai
 
More Issues on Digital Identity (24Feb2023)
More Issues on Digital Identity (24Feb2023)More Issues on Digital Identity (24Feb2023)
More Issues on Digital Identity (24Feb2023)Hitoshi Kokumai
 
Fend Off Cyberattack with Episodic Memory (24Feb2023)
Fend Off Cyberattack with Episodic Memory (24Feb2023)Fend Off Cyberattack with Episodic Memory (24Feb2023)
Fend Off Cyberattack with Episodic Memory (24Feb2023)Hitoshi Kokumai
 
Slide Share (Updated) - Fend Off Cybercrime with Episodic Memory 29Aug2022
Slide Share (Updated) - Fend Off Cybercrime with Episodic Memory 29Aug2022Slide Share (Updated) - Fend Off Cybercrime with Episodic Memory 29Aug2022
Slide Share (Updated) - Fend Off Cybercrime with Episodic Memory 29Aug2022Hitoshi Kokumai
 
Fend Off Cybercrime with Episodic Memory
Fend Off Cybercrime with Episodic MemoryFend Off Cybercrime with Episodic Memory
Fend Off Cybercrime with Episodic MemoryHitoshi Kokumai
 
Bring healthy second life to legacy password system
Bring healthy second life to legacy password systemBring healthy second life to legacy password system
Bring healthy second life to legacy password systemHitoshi Kokumai
 
Intriguing Evlolution from One to Two and Back to One
Intriguing Evlolution from One to Two and Back to OneIntriguing Evlolution from One to Two and Back to One
Intriguing Evlolution from One to Two and Back to OneHitoshi Kokumai
 
Cyber Predicament by Text-Only Password Systems
Cyber Predicament by Text-Only Password SystemsCyber Predicament by Text-Only Password Systems
Cyber Predicament by Text-Only Password SystemsHitoshi Kokumai
 
Updated: Presentation with Scripts at CIW2018
Updated: Presentation with Scripts at CIW2018Updated: Presentation with Scripts at CIW2018
Updated: Presentation with Scripts at CIW2018Hitoshi Kokumai
 
Presentation with Scripts at CIWEU2018
Presentation with Scripts at CIWEU2018Presentation with Scripts at CIWEU2018
Presentation with Scripts at CIWEU2018Hitoshi Kokumai
 
Updated: Identity Assurance by Our Own Volition and Memory
Updated: Identity Assurance by Our Own Volition and MemoryUpdated: Identity Assurance by Our Own Volition and Memory
Updated: Identity Assurance by Our Own Volition and MemoryHitoshi Kokumai
 
Deployment of Biometrics & Password - NIST63B
Deployment of Biometrics & Password - NIST63BDeployment of Biometrics & Password - NIST63B
Deployment of Biometrics & Password - NIST63BHitoshi Kokumai
 
Clues to Unravelling Conundrums - Biometrics deployed 'in parallel' as again...
Clues to Unravelling Conundrums - Biometrics deployed 'in parallel' as again...Clues to Unravelling Conundrums - Biometrics deployed 'in parallel' as again...
Clues to Unravelling Conundrums - Biometrics deployed 'in parallel' as again...Hitoshi Kokumai
 
Help unravel the conundrum over NIST authentication guideline
Help unravel the conundrum over NIST authentication guidelineHelp unravel the conundrum over NIST authentication guideline
Help unravel the conundrum over NIST authentication guidelineHitoshi Kokumai
 
Business Dimension of Expanded Password System
Business Dimension of Expanded Password SystemBusiness Dimension of Expanded Password System
Business Dimension of Expanded Password SystemHitoshi Kokumai
 
Expanded password system - Reliable Identity Assurance
Expanded password system - Reliable Identity AssuranceExpanded password system - Reliable Identity Assurance
Expanded password system - Reliable Identity AssuranceHitoshi Kokumai
 
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024BookNet Canada
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...shyamraj55
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 3652toLead Limited
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024BookNet Canada
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsMark Billinghurst
 
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptxMaking_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptxnull - The Open Security Community
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubKalema Edgar
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Mattias Andersson
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsMemoori
 

Más contenido relacionado

Más de Hitoshi Kokumai

Cyber Predicament by Text-Only Password Systems
Cyber Predicament by Text-Only Password SystemsCyber Predicament by Text-Only Password Systems
Cyber Predicament by Text-Only Password SystemsHitoshi Kokumai
 
Updated: Presentation with Scripts at CIW2018
Updated: Presentation with Scripts at CIW2018Updated: Presentation with Scripts at CIW2018
Updated: Presentation with Scripts at CIW2018Hitoshi Kokumai
 
Presentation with Scripts at CIWEU2018
Presentation with Scripts at CIWEU2018Presentation with Scripts at CIWEU2018
Presentation with Scripts at CIWEU2018Hitoshi Kokumai
 
Updated: Identity Assurance by Our Own Volition and Memory
Updated: Identity Assurance by Our Own Volition and MemoryUpdated: Identity Assurance by Our Own Volition and Memory
Updated: Identity Assurance by Our Own Volition and MemoryHitoshi Kokumai
 
Deployment of Biometrics & Password - NIST63B
Deployment of Biometrics & Password - NIST63BDeployment of Biometrics & Password - NIST63B
Deployment of Biometrics & Password - NIST63BHitoshi Kokumai
 
Clues to Unravelling Conundrums - Biometrics deployed 'in parallel' as again...
Clues to Unravelling Conundrums - Biometrics deployed 'in parallel' as again...Clues to Unravelling Conundrums - Biometrics deployed 'in parallel' as again...
Clues to Unravelling Conundrums - Biometrics deployed 'in parallel' as again...Hitoshi Kokumai
 
Help unravel the conundrum over NIST authentication guideline
Help unravel the conundrum over NIST authentication guidelineHelp unravel the conundrum over NIST authentication guideline
Help unravel the conundrum over NIST authentication guidelineHitoshi Kokumai
 
Business Dimension of Expanded Password System
Business Dimension of Expanded Password SystemBusiness Dimension of Expanded Password System
Business Dimension of Expanded Password SystemHitoshi Kokumai
 
Expanded password system - Reliable Identity Assurance
Expanded password system - Reliable Identity AssuranceExpanded password system - Reliable Identity Assurance
Expanded password system - Reliable Identity AssuranceHitoshi Kokumai
 

Más de Hitoshi Kokumai (9)

Cyber Predicament by Text-Only Password Systems
Cyber Predicament by Text-Only Password SystemsCyber Predicament by Text-Only Password Systems
Cyber Predicament by Text-Only Password Systems
 
Updated: Presentation with Scripts at CIW2018
Updated: Presentation with Scripts at CIW2018Updated: Presentation with Scripts at CIW2018
Updated: Presentation with Scripts at CIW2018
 
Presentation with Scripts at CIWEU2018
Presentation with Scripts at CIWEU2018Presentation with Scripts at CIWEU2018
Presentation with Scripts at CIWEU2018
 
Updated: Identity Assurance by Our Own Volition and Memory
Updated: Identity Assurance by Our Own Volition and MemoryUpdated: Identity Assurance by Our Own Volition and Memory
Updated: Identity Assurance by Our Own Volition and Memory
 
Deployment of Biometrics & Password - NIST63B
Deployment of Biometrics & Password - NIST63BDeployment of Biometrics & Password - NIST63B
Deployment of Biometrics & Password - NIST63B
 
Clues to Unravelling Conundrums - Biometrics deployed 'in parallel' as again...
Clues to Unravelling Conundrums - Biometrics deployed 'in parallel' as again...Clues to Unravelling Conundrums - Biometrics deployed 'in parallel' as again...
Clues to Unravelling Conundrums - Biometrics deployed 'in parallel' as again...
 
Help unravel the conundrum over NIST authentication guideline
Help unravel the conundrum over NIST authentication guidelineHelp unravel the conundrum over NIST authentication guideline
Help unravel the conundrum over NIST authentication guideline
 
Business Dimension of Expanded Password System
Business Dimension of Expanded Password SystemBusiness Dimension of Expanded Password System
Business Dimension of Expanded Password System
 
Expanded password system - Reliable Identity Assurance
Expanded password system - Reliable Identity AssuranceExpanded password system - Reliable Identity Assurance
Expanded password system - Reliable Identity Assurance
 

Último

Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024BookNet Canada
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...shyamraj55
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 3652toLead Limited
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024BookNet Canada
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsMark Billinghurst
 
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptxMaking_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptxnull - The Open Security Community
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubKalema Edgar
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Mattias Andersson
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsMemoori
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Scott Keck-Warren
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...Fwdays
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsRizwan Syed
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupFlorian Wilhelm
 
APIForce Zurich 5 April Automation LPDG
APIForce Zurich 5 April Automation LPDGAPIForce Zurich 5 April Automation LPDG
APIForce Zurich 5 April Automation LPDGMarianaLemus7
 

Último (20)

Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
 
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptxMaking_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding Club
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial Buildings
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL Certs
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food Manufacturing
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project Setup
 
APIForce Zurich 5 April Automation LPDG
APIForce Zurich 5 April Automation LPDGAPIForce Zurich 5 April Automation LPDG
APIForce Zurich 5 April Automation LPDG
 
Vulnerability_Management_GRC_by Sohang Sengupta.pptx
Vulnerability_Management_GRC_by Sohang Sengupta.pptxVulnerability_Management_GRC_by Sohang Sengupta.pptx
Vulnerability_Management_GRC_by Sohang Sengupta.pptx
 

Democracy would be dead where the password is killed

  • 1. Democracy would be dead where the password is killed Some security people are advocating that the password should be killed dead. I wonder if they are aware of what they mean by what they say. A society where login without users’ volition is allowed would be the society where democracy is dead. It’s a tyrant’s utopia. We know that biometrics, which relies on a fallback password, can by no means be an alternative to the password, that the password is an indispensable factor for multi-factor schemes and that the security of password managers and single-sign-on schemes needs to hinge on the reliability of the password. The password (memorized secret) is absolutely necessary. Don’t let it be killed. Don’t accept any form of passwordless login. < Related Articles > P2 Mix up “Unique” with “Secret” and we would confuse “Identification” with “Authentication” P3 Truth does not matter in infosec? <Reference> Slide: Password Fatigue and Expanded Password System http://www.slideshare.net/HitoshiKokumai/password-fatigue-and-expanded-password-s ystem Article (7-page): Intuitive Password – passwords succeeding passwords https://www.slideshare.net/HitoshiKokumai/intuitive-passwords-passwords-succeeding- passwords
  • 2. Mix up “Unique” with “Secret” and we would confuse “Identification” with “Authentication” Biometrics follows “unique” features of individuals’ bodies and behaviors. It means that it could be well used when deployed for identification of individuals who may be conscious or unconscious, alive or dead. Due respect could be paid to biometrics in this sphere. Being “unique” is different from being “secret”, however. It would be a misuse of biometrics if deployed for security of the identity authentication of individuals. Confusing “Identification” with “Authentication”, we would be building a sandcastle in which people are trapped in a nefarious false sense of security. However gigantic and grandiose it may look, the sandcastle could melt away altogether when we have a heavy storm. And, the storm will come. The question is not “if”, but just “how soon”. < Related Articles > P2 Truth does not matter in infosec? P3 Democracy would be dead where the password is killed < Videos > Turn off biometrics where security matters (30 seconds) https://youtu.be/7UAgtPtmUbk Biometrics in Cyber Space - "below-one" factor authentication https://youtu.be/wuhB5vxKYlg Six Reasons to Believe Biometrics Don't Ruin Cyber Security https://youtu.be/lODTiO2k8ws Password-free Life - Utopia or Dystopia? (30 seconds) https://youtu.be/UJDBZpX1a0U Password Predicament and Expanded Password System https://youtu.be/-KEE2VdDnY0
  • 3. Truth does not matter in infosec? Tech media seem busy arguing which biometrics is better than the others. But it is all nonsense from security’s point of view. Instead we should ask why security-lowering measures have been touted as security-enhancing solutions. Because of its inherent characteristics, biometrics depends on a fallback means in case of false rejection. In physical security, it could be handled by personnel in charge other than the user. In cybersecurity, however, it needs to be handled by the user themselves, in most cases by way of a password that the user themselves needs to feed. So long as the biometrics is backed up by a fallback password, irrespective of which are more accurate than the others, its security is lower than that of a password-only authentication as illustrated in this video. https://youtu.be/wuhB5vxKYlg Then, we have to wonder why and how the biometrics has been touted as a security-enhancing tool for so long, with so many security professionals being silent about the fact. There could be various explanations – from agnotology, neuroscience, psychology, sociology, behavioral economics and so on. This phenomenon will perhaps be found to have provided an excitingly rich material for a number of scientists and researchers in those fields. Summary of the video > >