5. Phishing attacks will still be effective. The attacks may not scale like they have in the past, but targeted attacks will trick victims into divulging information that enables an attacker to take over an account or install malware on the victim’s system.
This year’s Adobe password breach also reinforced that passwords themselves need to be more secure. How can organizations prevent almost 2,000,000 users from choosing “123456” as their password? And will adopting two-factor authentication make users think they can be lazier about protecting their static passwords? Safari’s iCloud Keychain is a great step forward: Have the browser choose strong passwords for every site and sync them throughout the user’s devices.
Organizations will need to focus on what they can easily control to improve security. Increased two-factor authentication implementation, improvements to password recovery and reset mechanisms will be the main focuses of 2014.
Then again, once something becomes more foolproof, a better fool is invented. It’s not much different than trying to predict the future.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.