Shape Security has launched Blackfish, a system designed to stop hackers from stealing or leaking passwords. Users often get by with one or two login and password combinations across dozens of different resources, so a leak of credentials from one resource can immediately threaten many others.
Before it becomes known to all.
Shape Security has developed Blackfish to identify stolen logins and passwords on the Web even before the leak becomes known. The technology is meant to help businesses block the use of passwords stolen from outside, non-corporate resources, and thereby prevent attempts to take over corporate accounts.
This matters because cybercriminals routinely automate the testing of stolen or leaked passwords on third-party sites, counting on the fact that users often reuse the same combination on several different resources.
Fraudsters also often use leaked passwords to make purchases on the Web from someone else's account. According to Shape Security, in many industries, including retail, more than 90% of attempts to log in to online systems are in one way or another associated with attempts to use other people's logins and passwords.
To date, Shape Security's customers are top banks, airlines, leading hotel chains and two ministries in the US.
How it works.
The description of how the Blackfish system works is rather sparse. The developer's site states only that Blackfish uses artificial intelligence to identify attacks that use stolen passwords. First and foremost, the system looks at where exactly the attackers are trying to access the resources they are interested in.
For example, if a user regularly connects to the same bank from several points (from home or from work), and then there is suddenly a login attempt from a completely different place, located at a great distance from the previous points, the system will react. The system is especially alert if the suspicious login attempt comes too soon after the previous one for that distance to have been physically covered.
What other criteria Blackfish uses to determine whether passwords have been hijacked remains unknown.
If the system is convinced that a login-password pair is compromised, the combination is marked accordingly and deactivated for all Blackfish clients.
In addition, the system collects information about possible leaks and about attempts to exploit its customers' stolen passwords, accelerating the exchange of such information and thereby increasing the overall level of security.
It is noteworthy that information about compromised passwords is stored in the Blackfish system solely in the form of hashes passed through a so-called Bloom filter, so even if attackers break into the system itself, they will not be able to get any useful information about the passwords from it.
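An added illustration of the storage scheme described above, not Shape Security's code (the page gives no implementation details): a Bloom filter that records hashed login-password pairs as bit positions only. The class name, the SHA-256 double hashing, the sizing parameters and the sample credentials are all assumptions constructed for this example.

```python
import hashlib
import math


class CredentialBloomFilter:
    """Hypothetical store of compromised login-password pairs: bits only, no credentials."""

    def __init__(self, capacity, fp_rate=0.001):
        # Standard sizing: m = -n*ln(p)/(ln 2)^2 bits, k = (m/n)*ln 2 hash positions.
        self.m = math.ceil(-capacity * math.log(fp_rate) / math.log(2) ** 2)
        self.k = max(1, round(self.m / capacity * math.log(2)))
        self.bits = bytearray((self.m + 7) // 8)

    def _positions(self, login, password):
        # Length-prefix the login so ("ab", "c") and ("a", "bc") hash differently.
        data = f"{len(login)}:{login}:{password}".encode("utf-8")
        digest = hashlib.sha256(data).digest()
        h1 = int.from_bytes(digest[:16], "big")
        h2 = int.from_bytes(digest[16:], "big") | 1  # odd step for double hashing
        return [(h1 + i * h2) % self.m for i in range(self.k)]

    def add(self, login, password):
        for pos in self._positions(login, password):
            self.bits[pos // 8] |= 1 << (pos % 8)

    def might_contain(self, login, password):
        # False: definitely not listed. True: listed, or a rare false positive.
        return all(self.bits[pos // 8] & (1 << (pos % 8))
                   for pos in self._positions(login, password))


def build_demo_filter():
    # Constructed sample pairs, not real leaked data.
    leaked = [("alice@example.com", "hunter2"),
              ("bob@example.com", "correct horse"),
              ("carol@example.com", "Tr0ub4dor&3")]
    bloom = CredentialBloomFilter(capacity=1000)
    for login, password in leaked:
        bloom.add(login, password)
    return bloom


if __name__ == "__main__":
    bloom = build_demo_filter()
    print(bloom.might_contain("alice@example.com", "hunter2"))   # listed pair
    print(bloom.might_contain("alice@example.com", "new-pass"))  # same login, other password
    print(len(bloom.bits), "bytes stored, none of them credential text")
```

A Bloom filter never misses a pair that was added, but it can report a pair that was not, so a hit is best treated as a signal to step up verification rather than as proof of compromise.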