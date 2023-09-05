The biggest initiative in cybersecurity is designed to eliminate passwords Passkeys, under development by FIDO, a consortium of big tech companies, are coming closer to making security better and eliminating passwords. (Just_Super/Getty Images)

TULSA — A recent spike in attacks on Linked In user accounts has again raised alarm bells regarding online security for millions of Americans.

KRMG spoke with Aaron Rose, Chief Technology Officer and Security Architect Manager for Checkpoint Software Technologies.

[Hear the KRMG In-Depth Report on protecting yourself against cyber attacks HERE]

He said of course security begins with passwords, and he advises making them as complex as possible.

The issue, of course, is the more complex the password, the more difficult it may be to remember.

He recommends stringing together small phrases, and perhaps using swapping some letters for numbers or special characters.

He also highly recommends using a password manager, which will make it much easier to maintain a large number of complex passwords.

That said, he warns, “passwords are not the end all be all. They’re not going to keep people out, so it’s also important to have things like multi-factor or two-factor authorization. Often this will send you like a text message with a code, or you’ll have an app that you’ll open on your phone to get that code.”

And often, those apps use a biometric of some type to authenticate the user, usually a fingerprint or facial recognition.

And that, likely, is the direction cyber security will take as the attacks on privacy and data continue get grow in both number and sophistication.

Already, retinal scanning is gaining wider adoption.

Rose says even biometrics may not allow everyone to relax their guard; for example, researchers have shown how fingerprint scanners can be fooled using Gummy Bears.

But in cybersecurity, he says, they have to balance security with cost and convenience, because the most secure system in the world will fail if the user bypasses it themselves.

“We have to look at, ‘okay, what is the risk, and then what is the actual cost or effect on the user?’” Rose told KRMG. “If we make it too much of a burden, then users are going to do what they always do, and find a way around the security, which is going to leave it vulnerable in some way. You know, think of people like when we started enforcing complex passwords, people all of a sudden were putting Post-it notes underneath their keyboard. That is not secure.”







