A week ago a big company here in the UK confirmed they were using the plain text protocol.(Storing password in plain text) I think this is pretty shocking but got me thinking if big companies are doing this how many small companies must be doing it as well.
However this is not the only problem when it comes to passwords many sites only letting you use short passwords like 5 – 8 chars. And some are still in the age of only letting you use number and letters.
We seem to be stuck in the past when it comes to passwords and for something we use all the time many people use the same passwords all over the place this does also inculde a lot of people who work in security.
So with new technology why are we not all using two factor authentication ? This can be done with mobile phones you can setup Paypal,google mail and online banking. Another alternative now is the yubico I am big fan of this device it gives so much and is not that expensive.
I really dont understand why more companies are not implmenting this.