All year, Sue Marquette Poremba has been writing on IT Business Edge about the increasing fallibility of password-based security systems, most recently finding cause for alarm in malware known as Citadel, which is believed to specifically target password management systems that collect multiple passwords for users. Security researchers estimate that one in 500 computers is infected with Citadel.
Today, Intel announced that it is acquiring password management software maker PasswordBox for an undisclosed sum. PasswordBox – not specifically named as a target of Citadel – claims 14 million downloads of its product in two years, according to Wall Street OTC. It also garnered attention at this year’s CES, winning Best Mobile App, according to Reuters. Intel plans to improve the technology and will be placing it within its Intel Security group, which includes the rebranded McAfee security technology also acquired by Intel, say Channelnomics and other sites today.
Intel’s assumption of increased responsibility for users’ password security centers around a plan to address three goals:
Though the vulnerabilities of passwords are well-known by experts and mainstream users alike, a successful replacement acceptable to vendors, who are sensitive to any attached increased costs, or to users, sensitive to having to do anything differently than they have before, has yet to be put in place. Even purpose-built security devices are regularly being installed with wide-open holes, due to poor or non-existent passwords: Witness the recent story of a website that has collected feeds from over 73,000 security cameras in 256 countries, all unsecured and easily accessed through default passwords. This is basically what we are moving toward with the Internet of Things in the next few years, except it won’t be just security cameras – it’ll be everything in the home and office.
Intel made no mention related to its acquisition announcement of a move beyond passwords for increased data and device security, but at least PasswordBox’s strong mobile integration may help the firm move its users toward stronger password usage, with a minimum of inconvenience. It’s still passwords, but it’s a start.
Kachina Shaw is managing editor for IT Business Edge and has been writing and editing about IT and the business for 15 years. She writes about IT careers, management, technology trends and managing risk. Follow Kachina on Twitter @Kachina and on Google+