Imperva Releases Detailed Password Cracking Analysis
(Thomson Reuters ONE) -
Data Security Firm's Report Highlights How Enterprises Must Implement Stronger
Password Security Systems to Counter More Sophisticated Hacking Techniques
Redwood Shores, Calif., December 14, 2011 - Imperva (NYSE: IMPV), a pioneer and
leader of a new category of data security solutions for high-value business data
in the data center, today announced a new report detailing how hackers crack
passwords. The report, Enterprise Password Worst Practices, is a sequel to
Imperva's 2009 report, Consumer Password Worst Practices.
The report is available here.
"Instead of consumers, we believe responsibility rests on enterprises to put in
place proper password security policies and procedures as a part of a
comprehensive data security discipline," explained Imperva CTO Amichai Shulman.
"Passwords should be viewed by security teams as highly valuable data. We hope
this paper guides enterprises to rectify poor password management practices."
The reports details:
* How hackers bypass security controls to protect passwords.
* Popular, key online resources hackers employ, including one website
containing 50 billion possible password permutations.
* Key steps that Imperva recommends IT teams within enterprises undertake in
order to mitigate password breaches. Imperva's recommendations include:
* Using passphrases: Allow users to choose longer passwords which are
easier to remember. Passphrases provide the necessary length yet do not
require the user to write down the secret on a note left on the worker's
desk.
* Enforce strong password policy. This doesn't mean just applying
restrictions on the character types, but also by comparing against
dictionaries used by attackers. In fact, Hotmail recently banned the
usage of common passwords. This also means defining and banning site-
specific passwords, as well as banning numerical or keyboard sequences.
* Use of a special form of encryption known has "salted digests." A salted
value, which is a random value pre-pended to a password before it is
encrypted, should increase the cost of guessing the password so that
financially-motivated hackers will not make such an investment.
About Imperva
Imperva is a pioneer and leader of a new category of data security solutions for
high-value business data in the data center. With more than 1,500 end-user
customers and thousands of organizations protected through cloud-based
deployments, Imperva's customers include leading enterprises, government
organizations, and managed service providers who rely on Imperva to prevent
sensitive data theft from hackers and insiders. The award-winning Imperva
SecureSphere identifies and secures high-value data across file systems, web
applications and databases. For more information, visit www.imperva.com, follow
us on Twitter or visit our blog.
This announcement is distributed by Thomson Reuters on behalf of
Thomson Reuters clients. The owner of this announcement warrants that:
(i) the releases contained herein are protected by copyright and
other applicable laws; and
(ii) they are solely responsible for the content, accuracy and
originality of the information contained therein.
Source: Imperva Inc. via Thomson Reuters ONE
[HUG#1571197]
Datum: 14.12.2011 - 14:26 Uhr
Sprache: Deutsch
News-ID 97028
Anzahl Zeichen: 3785
contact information:
Kategorie:
Business News
Diese Pressemitteilung wurde bisher 130 mal aufgerufen.
Die Pressemitteilung mit dem Titel:
"Imperva Releases Detailed Password Cracking Analysis"
steht unter der journalistisch-redaktionellen Verantwortung von
Imperva Inc. (Nachricht senden)
Beachten Sie bitte die weiteren Informationen zum Haftungsauschluß (gemäß TMG - TeleMedianGesetz) und dem Datenschutz (gemäß der DSGVO).
