May 7 is the World Password Day. Interestingly, the cryptocurrency space has introduced an enhanced means of getting around insecure passwords and phishing attacks. That is, with this new solution, there is no need to utilize a password which criminals exploit to carry out cyber attacks.
This solution is the lnurl-auth protocol which permits signing into a variety of accounts by receiving a QR code with a special message. Users will be able to utilize a public key attached to their wallets for the derivation of a unique key that is only compatible with the domain to be accessed. This key would authenticate that they are the owner of the account.
According to Podcaster Marty Bent, with this new solution, there is no need for websites to look up your information on a centralized database anymore, as such database are vulnerable to hacks.
Bent noted that the need to remember unique passwords for individual websites is no longer necessary. It is no longer necessary to create unique email addresses for each service; the anxiety over data theft on websites you are using has been eliminated; people will have total control of their accounts across the internet.
However, despite this being an interesting solution to look forward to, people will still need to look for other means of keeping their passwords secure until it becomes common.
A State of the Phish Report by Proofpoint in 2020 showed that 44 percent of respondents in a survey carried out in the U.S. utilized a password manager. Password manager is a protocol for storing passwords so that users can fill them in forms when required for their online accounts.
There is more likelihood of respondents from Australia, France, Germany, and the U.K. to depend on manual entering of different passwords each time they logged into an account, as in the survey. 16 percent of respondents globally said they use the same one or two passwords for all of their accounts (an unadvisable thing to do).
Hence, people need to improve their password strength and should avoid the use of any personal information. Passwords should contain a minimum of 12 characters and various characters in unpredictable places. They should not use capital letters at the beginning or digits or symbols at the end, says proofpoint.