Google and Facebook in a bid to enhance the security are under process to design a physical token, which would be inserted in the computers instead of virtual passwords to access the accounts. The latest system would enable the user’s access their accounts and websites only after inserting a special tailored token, which would be as small as a memory stick, and then typing their password. A report from the Daily Express revealed that token would be embedded with cryptographic card, which will hold security information.
Microsoft Corporation is still in the process of testing the feasibility of the technology, whereas Facebook and Google have already made their employees use the system. John Flynn, a Facebook security engineer, said that the company is monitoring the evolving authentication technology, and hardware authentication is a part of the system.
Computer system specialists believe that this is the best way to provide extra security for users especially, when they fall victim because of using ‘dumb passwords.’ Back in December, usernames and passwords of around two million users was hacked on Facebook, Google, Twitter, LinkedIn, YouTube and other website. An analysis by SpiderLabs revealed that most commonly used password was ‘123456’ followed by ‘123’ and ‘1.’ Independent security expert Graham said: “People are using very dumb passwords. They are totally useless.”
These 2 million passwords from different websites were posted on a ‘Black Hat’ website. According to a blog post from Trustwave, information was published by the criminal gang most probably. At that time, analysts said that passwords are hacked from the botnet named Pony, which gathered information from tens of thousands of infected computers across the globe. It was also revealed that passwords stolen were published in the Russian language.
On the homepage of the website, it was written that the site offered 318,121 username and password combinations for Facebook alone. Apart from that the username/password combination of the users on the other website was also revealed on the Russian social media sites VKontakte and Odnoklassniki. However, Facebook said after the incident that it was not any sort of technical glitch on company’s part, but the passwords were hacked from the infected computers.