We are currently living in a digital world where anything conceivable can be done online. As a result, most people have multiple accounts to manage banking, emails, shopping etc… If you’ve ever tried to create an email address, it’s likely that you had to try a couple times to find a username that wasn’t already taken. When it comes to passwords, most sites require your password to be a certain length, only alphanumeric, and contain upper and lowercase letters. Security experts also recommend that you use different passwords for each account and that you regularly change them. The reality is that no one does this because they can’t remember all that information. Aside from the fact that it is tedious to create and maintain usernames and passwords, there are huge security risks involved.
Some of the problems with passwords are that they are usually predictable, stored, and reused. Some of the most popular passwords include 123456, qwerty and the word password; in fact, two of the most common password cracking techniques used are dictionary cracks and brute force. Dictionary cracks uses a combination of known passwords and personal information. The brute force method uses machines that compile potential passwords that aren’t found in the dictionary. Brute force machines can be bought relatively cheap and some can test billions of passwords a second. When people tend to use the same password for everything, once you have one password you have all of them. Many sites also store passwords. When that happens you create a security risk. If someone manages to access the password database, every single account becomes compromised.
The same problems apply for usernames. Most people have the same username across several accounts, whether that is their email address or one that they created. Unlike passwords, usernames aren’t exactly kept a secret. If someone knows your username, they already have half of what they need to access your account. The only way to avoid this is to create randomly generated usernames and randomly generated one-time use passcodes for the user. The Secure Identity Ledger Corporation (SILC)SM platform does both.