The 4Chan nude celebrity photo hack reveals password protection has passed its use-by date warns Derek Morwood, Regional Manager of unified identity management leader Centrify.
The 4Chan scandal, which broke at the start of the month, saw intimate images of stars including actress Jennifer Lawrence and model Kate Upton posted anonymously on the 4Chan website after allegedly being hacked from online storage services such as iCloud.
Apple protests that its iCloud systems weren’t compromised, suggesting that hackers managed to gain illegal access to the images by figuring out passwords and the answers to personal security questions.
Morwood says the security breach was just the latest proof that passwords were passé. “Passwords no longer provide the protection we need for an online world,” he says.
“The nub of the problem with password-based protection is that a memorable password is easier to hack.
"When we require dozens, if not hundreds, of passwords to protect our identities online, the questionable effectiveness of passwords becomes completely degraded.
“The obvious solution is to get rid of most passwords. We’ve known how to do this for a long time through Identity Management systems.”
Morwood says single sign-on technologies such as SAML, openId or oAuth enabled users to reduce greatly the number of passwords they needed. “Done right, Identity Management really is a no-brainer,” he adds.
“At the heart of Identity Management are services such as Centrify’s IDaaS (Identity-as-a-Service) platform, which provides single sign-on for the cloud through an online authentication infrastructure.
"It’s much simpler to use than relying on multiple rotating passwords and is a much stronger defence for keeping your online identity secure.
“The beauty of IDaaS is its simplicity: For the organisation, it requires no additional infrastructure, no new tools and no extra servers or devices.
"For the individual, it provides high levels of online protection without requiring mnemonic gymnastics.”
During the past two years, Centrify has established itself as a global leader in IDaaS by leveraging more than a decade of Identity Management expertise with enterprise-level Active Directory-based Federated Identity services.
This month’s announcement of an enhanced partnership with Samsung Electronics, embedding Centrify’s IDaaS technology in the Samsung KNOX offering, provides a highly credible validation of that expertise.