**The State of Password Security**

Using complex and unrelated words to create passwords has become increasingly popular, but this approach may not be as secure as previously thought. In fact, research suggests that using simple words can actually make our devices and accounts more secure than mixing up upper and lower case letters, numbers, and special characters. For example, a well-known comic strip illustrates how a computer could take 550 years or at least 1,000 guesses per minute to figure out a password consisting of four simple words like "correct horse battery staple" compared to something like "rub four or and three," which would just take three days at the same rate.

The advent of alphanumeric passwords offered a potential solution, but it's not without its drawbacks. While it's true that alphanumeric passwords can be more secure than simple word combinations, they are still vulnerable to certain attacks. Additionally, the use of alphanumeric passwords can lead to slower login times and increased wear on devices, as users must press multiple keys to enter their password.

**Two-Factor Authentication: A Safer Alternative**

One potential solution to this problem is two-factor authentication (2FA). This approach involves entering a temporary code sent via text message or phone call in addition to the user's password. 2FA is becoming increasingly popular, and for good reason. By adding an extra layer of security, it makes it much more difficult for hackers to gain access to our devices and accounts.

However, there are still some concerns about the effectiveness of 2FA. For example, one of the biggest issues with patterns is that others can watch your finger moves across the device's display to decipher your pattern. This is particularly easy since there are only nine points on a typical device, giving hackers a much better chance of figuring out your pattern than if they were trying to detect the letters you're hitting on a keyboard.

**Biometric Security: A Mixed Bag**

Biometric security, such as fingerprint scanning and facial recognition, is often touted as a foolproof way to secure our devices. However, this is not entirely accurate. While biometric technology can offer some advantages, it's not without its limitations. For example, biometric scanners can be fooled with high-resolution photos of your fingerprint or face. Additionally, facial recognition systems are not yet as effective as they could be, and can often be circumvented with a well-made photograph.

**A Closer Look at Biometric Security**

According to Kyle Lady, Senior R&D Engineer at Dual Security, biometric technology on smartphones represents a shift mostly in accessibility, offering different properties to passwords rather than better or worse security. This means that biometric scanners are not inherently more secure than non-biometric security methods. In fact, researchers have successfully fooled even the most advanced fingerprint sensors using a technique called "gummy fingers," which involves creating a rubbery silicon replica of your fingerprint.

**The Power of 2FA**

In light of these limitations, it's clear that two-factor authentication is becoming an increasingly important aspect of online security. By adding an extra layer of security to our devices and accounts, we can make them much more difficult to hack. So, what do you think about your own password, fingerprint scanner, PIN code, or passcode? Do you use facial recognition to unlock your phone? Let us know in the comments below!

**The Importance of Domain Names**

Finally, when it comes to online security, even domain names can play a role. A well-chosen domain name can add credibility and trust to our online presence, making it more difficult for hackers to target us. And with the rise of dot-com domain names, this has never been easier. By registering your business name in a domain name extension like .com or .net, you can inject credibility into your online presence and make yourself harder to hack. Plus, don't forget about our exclusive offer - use the code Android at checkout to get 15% off your next domain name purchase!

"WEBVTTKind: captionsLanguage: enso you're concerned about securing your phone and you should be so is it iris scanners fingerprint scanners or pass codes what's the best way to lock it down now I know it's pretty self-evident but first we got to talk about the difference between biometric and non biometric data non biometric data is your password your passcode that you use to lock down your smartphone biometric data is when you are your password whether that's through your fingerprint or your iris or through some other biometric means we use to prove our identity to our phone now for a smartphone biometric security works like this you first begin by providing a biological sample that is digitized and then stored as read-only information on the device as you may have guessed it's stored as read-only so it prevents the information from being compromised and when you need to gain access to your device you have to provide another biological sample that is checked against the sample that is stored initially if the samples match you've proven your identity and gain access but if your sample does not match you've been unable to verify your identity and therefore get denied now some of you might be thinking why not just use a pin code or password which must simpler and faster right well in some ways they are inherently less secure this is because there is only a finite number of possible alphanumeric combinations that can be used for any given password so a hacker with enough time and tenacity could in theory figure out your password through a process of elimination or through a program that he or she writes or else a potential attacker could watch you input your password or pattern and after gaining access to your device attempt to follow along with your movements to satisfy your device's authentification requirements granted there are ways to mitigate this somewhat including by putting a limited number of times in which an incorrect password can be entered but this type of precaution is far from absolute for this reason fingerprint sensors are all the rage right now and becoming a standard feature even in mid to low range mobile devices now I know what some of you are thinking you're thinking Jace I have a thing fantastic password it cannot be guessed by anybody it's not simple super complicated with special characters capitals just crazy stuff no one's gonna hack that thing or guess it well let's hear from an expert this is bill burr a former manager at the National Institute of Standards and Technology no not that bill Berger in 2003 burr created an 8 page guide that would go on to inform the password creating guidelines but which we all are forced to abide by today but Bert recently came clean and admitted that he had a very poor understanding of how passwords actually worked at the time and he's very sorry that his misguided treaty is the reason we must make these unnecessarily complicated passwords that don't make our devices or accounts any more secure we now know that using a string of simple and unrelated words is actually more secure than using a shorter password in which there is a mix-up of upper and lower case letters numbers and special characters there was a well-known comic strip that explains this best illustrating how a computer could take 550 years or at least 1,000 guesses per minute to figure out a password consisting of four simple words like correct horse battery staple while something like rub four or and three would just take three days at the same rate now there is a saving grace for alphanumeric passwords and I know you're gonna groan because it's a pain in the butt it is two-factor authentication basically rather than immediately granting entry with the input of your password two-factor authentication means that input of your password will trigger a one-time temporary code to be sent to you typically a numeric code sent via text message or a phone call and you can only gain entry once you've inputted the temporary code in the login window now what about patterns is that any better one of the biggest issues with patterns is that others can watch your finger moves across the devices display to decipher your pattern it's particularly easy since there are only nine points on your device giving hackers a much better chance of figuring out your pattern than if they were trying to detect the letters you were hitting on a keyboard for an alphanumeric password and almost half the lock screens started in the upper left-hand corner according to some data so that means that biometric security must be inherently more secure correct well to some degree yes when it comes to fingerprint sensors it creates a virtual image of your fingerprint by inferring the pattern from the different levels of a charge between the ridges and valleys of your print while something like an optical fingerprint scanner can be fooled with a high-resolution photo of your fingerprint capacitive scanners are more secure because they measure the actual physical structure of your fingerprint as such using your fingerprint to secure your device is probably going to be the most secure method available to you but how secure is it really well not even biometric security is completely infallible in fact kyle lady senior R&D engineer of dual security doesn't consider biometric security on smartphones to be really any better than non biometric security methods according to Kyle biometric technology on smartphones represents a shift mostly in accessibility and offers quote a different set of properties to passwords not better or worse but different how is that possible you ask well a professor at University of Oxford professor Rogers had his students attempt to fool each other's authentication methods available on smartphones accordingly they have managed to best every single one including fingerprint sensors for no more than the cost of a cup of coffee during a conversation we had with Professor Rogers he explains how they manage to trick the fingerprint sensor which they did with so-called gummy fingers basically gummy fingers our fingerprint replica is made of rubbery silicon like materials that are able to capture significant fingerprint detail in order to fool the capacitive sensor which of course leaves us with facial recognition and iris scanners while the consensus seems to be that facial recognition isn't quite in the same league as fingerprint sensors when it comes to biometric authentication because facial recognition can often be circumvented with a photograph god this is starting to sound like a doomsday show it's not meant to be that way the point is is that no security system is infallible anything can be but on the other hand as we progress it is getting harder and harder to hack these systems keep some point I know there was a big scandal I did a show about it after the sa was hacked like a month after it launched but come on that German team put a lot of effort and hacking that most people are not going to be troubled going through that much hassle to hack your particular phone so use your common sense what do you think about your fingerprint scanner your pin code your passcode your iris scanners I know I've seen some people use facial recognition where family members are using the facial recognition to get into a family member's phone has that happened to you let me know in the comments below now my audience is smart so smart that sometimes you're inspired by a business idea and then you try and get the name of that business in a domain name and your next prospective customer is searching your business name and they assume you have the dot-com and if you don't you're giving your business away to the one who does that's the power of a.com now why is that exactly well no domain name extension tells your story with the same degree of trust as a dot-com or dotnet domain name.com and dotnet domain name extensions inject credibility and your online presence and who doesn't want to be credible and don't forget you get 15% off when you use our coupon code Android when you think domain names think domain.com youso you're concerned about securing your phone and you should be so is it iris scanners fingerprint scanners or pass codes what's the best way to lock it down now I know it's pretty self-evident but first we got to talk about the difference between biometric and non biometric data non biometric data is your password your passcode that you use to lock down your smartphone biometric data is when you are your password whether that's through your fingerprint or your iris or through some other biometric means we use to prove our identity to our phone now for a smartphone biometric security works like this you first begin by providing a biological sample that is digitized and then stored as read-only information on the device as you may have guessed it's stored as read-only so it prevents the information from being compromised and when you need to gain access to your device you have to provide another biological sample that is checked against the sample that is stored initially if the samples match you've proven your identity and gain access but if your sample does not match you've been unable to verify your identity and therefore get denied now some of you might be thinking why not just use a pin code or password which must simpler and faster right well in some ways they are inherently less secure this is because there is only a finite number of possible alphanumeric combinations that can be used for any given password so a hacker with enough time and tenacity could in theory figure out your password through a process of elimination or through a program that he or she writes or else a potential attacker could watch you input your password or pattern and after gaining access to your device attempt to follow along with your movements to satisfy your device's authentification requirements granted there are ways to mitigate this somewhat including by putting a limited number of times in which an incorrect password can be entered but this type of precaution is far from absolute for this reason fingerprint sensors are all the rage right now and becoming a standard feature even in mid to low range mobile devices now I know what some of you are thinking you're thinking Jace I have a thing fantastic password it cannot be guessed by anybody it's not simple super complicated with special characters capitals just crazy stuff no one's gonna hack that thing or guess it well let's hear from an expert this is bill burr a former manager at the National Institute of Standards and Technology no not that bill Berger in 2003 burr created an 8 page guide that would go on to inform the password creating guidelines but which we all are forced to abide by today but Bert recently came clean and admitted that he had a very poor understanding of how passwords actually worked at the time and he's very sorry that his misguided treaty is the reason we must make these unnecessarily complicated passwords that don't make our devices or accounts any more secure we now know that using a string of simple and unrelated words is actually more secure than using a shorter password in which there is a mix-up of upper and lower case letters numbers and special characters there was a well-known comic strip that explains this best illustrating how a computer could take 550 years or at least 1,000 guesses per minute to figure out a password consisting of four simple words like correct horse battery staple while something like rub four or and three would just take three days at the same rate now there is a saving grace for alphanumeric passwords and I know you're gonna groan because it's a pain in the butt it is two-factor authentication basically rather than immediately granting entry with the input of your password two-factor authentication means that input of your password will trigger a one-time temporary code to be sent to you typically a numeric code sent via text message or a phone call and you can only gain entry once you've inputted the temporary code in the login window now what about patterns is that any better one of the biggest issues with patterns is that others can watch your finger moves across the devices display to decipher your pattern it's particularly easy since there are only nine points on your device giving hackers a much better chance of figuring out your pattern than if they were trying to detect the letters you were hitting on a keyboard for an alphanumeric password and almost half the lock screens started in the upper left-hand corner according to some data so that means that biometric security must be inherently more secure correct well to some degree yes when it comes to fingerprint sensors it creates a virtual image of your fingerprint by inferring the pattern from the different levels of a charge between the ridges and valleys of your print while something like an optical fingerprint scanner can be fooled with a high-resolution photo of your fingerprint capacitive scanners are more secure because they measure the actual physical structure of your fingerprint as such using your fingerprint to secure your device is probably going to be the most secure method available to you but how secure is it really well not even biometric security is completely infallible in fact kyle lady senior R&D engineer of dual security doesn't consider biometric security on smartphones to be really any better than non biometric security methods according to Kyle biometric technology on smartphones represents a shift mostly in accessibility and offers quote a different set of properties to passwords not better or worse but different how is that possible you ask well a professor at University of Oxford professor Rogers had his students attempt to fool each other's authentication methods available on smartphones accordingly they have managed to best every single one including fingerprint sensors for no more than the cost of a cup of coffee during a conversation we had with Professor Rogers he explains how they manage to trick the fingerprint sensor which they did with so-called gummy fingers basically gummy fingers our fingerprint replica is made of rubbery silicon like materials that are able to capture significant fingerprint detail in order to fool the capacitive sensor which of course leaves us with facial recognition and iris scanners while the consensus seems to be that facial recognition isn't quite in the same league as fingerprint sensors when it comes to biometric authentication because facial recognition can often be circumvented with a photograph god this is starting to sound like a doomsday show it's not meant to be that way the point is is that no security system is infallible anything can be but on the other hand as we progress it is getting harder and harder to hack these systems keep some point I know there was a big scandal I did a show about it after the sa was hacked like a month after it launched but come on that German team put a lot of effort and hacking that most people are not going to be troubled going through that much hassle to hack your particular phone so use your common sense what do you think about your fingerprint scanner your pin code your passcode your iris scanners I know I've seen some people use facial recognition where family members are using the facial recognition to get into a family member's phone has that happened to you let me know in the comments below now my audience is smart so smart that sometimes you're inspired by a business idea and then you try and get the name of that business in a domain name and your next prospective customer is searching your business name and they assume you have the dot-com and if you don't you're giving your business away to the one who does that's the power of a.com now why is that exactly well no domain name extension tells your story with the same degree of trust as a dot-com or dotnet domain name.com and dotnet domain name extensions inject credibility and your online presence and who doesn't want to be credible and don't forget you get 15% off when you use our coupon code Android when you think domain names think domain.com you\n"