Password Security: Is There Nothing Better?
While no security solution is perfect, we need something better than just passwords. First it was ChoicePoint. Now it's LexisNexis. PCWorld has a story saying that the identifying data of about 300,000 people may have been stolen from the data company. While LexisNexis is spinning the story by saying the first 2,800 people contacted have not yet noticed any illegal activity, it is just a matter of time. I can imagine someone burning copies of CDs with the stolen data on it and selling it to crime syndicates around the world.
Identity theft will now be, if it isn't already, the biggest growth industry in crime. Close to half a million people may have had their personal information stolen. And that's just from two companies that reluctantly admitted the break ins. How many other companies, big and small, have had their security breached and financial data stolen? How many millions of people are even now at risk?
Data brokers and financial institutions make it entirely too easy to create and access accounts. Most use only passwords to identify their customers. How insecure is that? Many European banks have long since switched to more secure ways by using things like digital signatures, two-factor authentication, or other means to identify their customers.
Why aren't US businesses more concerned about security?