Petition Against Passwords Empowers Consumers to Voice Their Demand for Greater and More Convenient Online Identity Protection
San Francisco, CA (PRWEB) July 24, 2013 -- Today marked the launch of a new public advocacy initiative, the Petition Against Passwords (http://www.petitionagainstpasswords.com). Designed to help consumers voice their desire for greater and more convenient online identity protection, the initiative is backed by a new generation of identity companies, each offering a replacement for hack-prone usernames and passwords on the web.
The petition sheds light on the need for a significant digital identity overhaul in the wake of large-scale data breaches that have affected some of the most trusted brands on the Internet including LinkedIn, Twitter, Living Social, Yahoo and others*. These breaches reflect a harsh reality that, the current paradigm of password-based authentication, is no longer capable of withstanding sophisticated hack attacks.
*San Francisco Chronicle – LinkedIn Data Breach: http://bit.ly/1c0xapg
*Social Times – Twitter Data Breach: http://bit.ly/TnFf07
*CRN – Living Social Data Breach: http://bit.ly/17t8ZMV
*Cnet – Yahoo Password Leak: http://cnet.co/SdDdMp
To give a few concrete examples of why a paradigm shift is needed, the initiative collected data related to the impact from breaches.
• Total number of records containing sensitive personal information involved in security breaches in the United States is 608,087,870 in 3,763 data breaches since January 2005.
- A Chronology of Data Breaches, Privacy Rights Clearinghouse, June 2013
• Most data breach victims fell prey because they were found to possess an (often easily) exploitable weakness rather than because they were pre-identified for attack; 79% of victims were targets of opportunity, and 96% of attacks were not highly difficult
- 2012 Data Breach Investigations Report, (DBIR), Verizon Business, April 2012
• In 2012, the Identity Theft Resource Center documented 447 breaches in the United States, exposing 17,317,184 records. In the first half of 2013, there have so far been 255 incidents, exposing 6,207,297 records.
- ITRC Breach Report, Identity Theft Resource Center, May 2013
• In the United States, data breach incidents cost companies $194 per compromised record. The average total cost per company that report a data breach in 2012 was down slightly at $5.4 million.
- 2013 Cost of a Data Breach: Global Analysis, Ponemon Institute and Symantec, June 2013
• Through 2016, the financial impact of cybercrime will grow 10 percent per year due to the continuing discovery of new vulnerabilities.
- Gartner Top Predictions for 2012: Control Slips Away, Gartner, December 2011
In addition to increased security, consumers are also asking for “easier-to-manage” solutions to replace the more cumbersome one-factor authentication processes. According to a 2012 poll conducted by identity company Janrain, 50% of the 2000 American adults surveyed, “keep track of five or more unique website passwords, and almost a third must remember at least 10”.
“Neither consumers nor the digital businesses that serve them fully understand the risk associated with the usernames and passwords,” said Brennen Byrne, CEO of Clef. “Our industry needs to accept the fact that the status quo for authentication, is no longer working. If we don’t enact change for identity protection, we will continue to frustrate our users and will see more large-scale data breaches every day.”
To provide a dialog framework between consumers and digital businesses, the Petition Against Passwords has created a consumer-rights mission statement. The mission statement is intended to encourage businesses offering one-factor authentication to employ “best practices” for identity protection. Only through broad-market adoption and standardization, will consumer identity online truly be secure.
Because of the broad public interest in digital identity protection, the Petition Against Passwords is gaining support by organizations and individuals from a cross section of technology, industry research, consumer advocacy and public policy sectors.
“With the continued online breaches of usernames and passwords, the public trust in digital identity protection is starting to erode,” said Supervisor Malia Cohen, who represents the Southeast sector of San Francisco. “It’s clear that usernames and passwords are no longer working. Consumers need to be better informed of those identity solutions that offer greater security and privacy protection. I encourage consumers to learn more about the petition, and to participate in the conversation on the need for greater digital identity protection.”
To help facilitate greater awareness for more secure identity options, the Petition Against Passwords recommends that consumers and digital businesses alike, explore solutions from leading technology providers including Google, LaunchKey, OneID, Nok Nok Labs, Mozilla Persona, Clef, PayPal and others.
To learn more about the Petition Against Passwords initiative visit http://www.petitionagainstpasswords.com.
Tim Donovan, Clef, 510-593-0064, [email protected]
Share this article