Feeds

Passwords are for AES-holes

Security is an illusion

Remote control for virtualized desktops

'Q. What was the name of your wife's first lover?'

As far as I'm concerned, I demonstrated who I was when I walked past the entrance CCTV and used my RFID pass to get in the building. Why I had to keep doing it in increasingly ludicrous ways throughout the day is beyond me.

As for the need to create a password that isn't the name of your kids or their birthdays or the word 'password', I do get it. But the current new wave of online harrassment to make you invent an utterly forgettable 'strong' password?

Costa coffee

Froth is NOT good for fingerprint security

Oh come on - the biggest security threat to my online accounts isn't the risk of a mischievous Russian hacker spending a week trying to guess my 'strong' password but the depressing likelihood of a civil servant leaving my 'strong' password on a USB stick in the back of a taxi or a sacked call-centre underling in Bangalore selling my 'strong' password to the highest bidder.

Now the staff at many Costa Coffee outlets are having to struggle with stupid new fingerprint readers to access their cash tills. Costa customers, have you seen a barista manage to get one of those pieces of crap to recognise their fingerprint in fewer than half a dozen attempts?

At least it's secure, I suppose: no one can get the bloody cash till open, including the staff.

And how secure is it, really? Sure, the old movie cliché of hacking off someone's hand and using it to trigger fingerprint readers doesn't work any more because they now incorporate heat sensors or pulse detectors. But there are ways to cheat them, including an old favourite involving creating a fake fingertip from gelatin: if approached by the police, you can always eat the evidence.

Minority Report. Source: Twentieth Century Fox Home Entertainment

'Balls, I brought the wrong eye'
Source: 20th Century Fox Home Entertainment"

No, this saturation of logins we're faced with today isn't really about our security at all. It's about employers bullying their staff into submission by forcing them 20 times a day to request permission to do their jobs. And it's about organisations using endless rounds of 'strong' password reminders as a smokescreen to hide the fact that their own protection of customer records can be snapped like a twig by the dimmest disgruntled outsourced employee.

Security my arse. Read my finger. ®

Alistair DabbsAlistair Dabbs is a freelance technology tart, juggling IT journalism, editorial training and digital publishing. He loves all the big companies he has worked for and only tries to sound cross about their mania for multiple logins for the purposes of this column. Mind you, one has just introduced the need for a new login just to use the telephone.

Choosing a cloud hosting partner with confidence

More from The Register

next story
NOKIA - Not FINNished yet! BEHOLD the somewhat DULL MYSTERY DEVICE!
N1 mini-'slab to plop into crowded pond next year
The Nokia ENIGMA THING and its SECRET, TERRIBLE purpose
Finnish firm coyly exposes mystery product – and WE NO what it is
Heyyy! NICE e-bracelet you've got there ... SHAME if someone were to SUBPOENA it
Court pops open cans of worms and whup-ass in Fitbit case
SLURP! Flick your TONGUE around our LOLLIPOP – Google
Android 5 is coming – IF you're lucky enough to have the right gadget
Nokia's N1 fondleslab's HIDDEN BRILLIANCE: The 'Z Launcher'
Sugarcoating Android's Lollipop makes tab easier to swallow
Space Commanders rebel as Elite:Dangerous kills offline mode
Frontier cops an epic kicking in its own forums ahead of December revival
prev story

Whitepapers

Choosing cloud Backup services
Demystify how you can address your data protection needs in your small- to medium-sized business and select the best online backup service to meet your needs.
Getting started with customer-focused identity management
Learn why identity is a fundamental requirement to digital growth, and how without it there is no way to identify and engage customers in a meaningful way.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Simplify SSL certificate management across the enterprise
Simple steps to take control of SSL across the enterprise, and recommendations for a management platform for full visibility and single-point of control for these Certificates.
Saudi Petroleum chooses Tegile storage solution
A storage solution that addresses company growth and performance for business-critical applications of caseware archive and search along with other key operational systems.