A password security study by Imperva released data showing 32 million passwords exposed in the recent Rockyou.com breach. A report by Imperva’s Application Defense Center (ADC) showed that many of the hackings were due to weak commonly used passwords. Examples of these common passwords include: password, 12345 and iloveyou.

“Everyone needs to understand what the combination of poor passwords means in today’s world of automated cyber attacks: with only minimal effort, a hacker can gain access to one new account every second—or 1000 accounts every 17 minutes,” explained Imperva’s CTO Amichai Shulman. 

Fulcrum Biometrics, a distributor of biometric solutions across the globe, has announced it is now offering EikonTouch USB-connected fingerprint readers, a product of biometrics developer UPEK.

Among the features offered by the Eikon Touch line of readers is its one-touch placement, along with some specific models offering other aspects such as FIPS 201 certification or protective coating for rugged field use.  

UPEK, a developer of biometric solutions, has announced the release of a new version of their Protector Suite 2009 fingerprint sensor software that now supports the Microsoft Windows 7 operating system by incorporating support for its Windows Biometric Framework. In doing so, UPEK has assured that its software suite will now work hand-in-hand with any of the many fingerprint sensors also supported by the framework. 

PhoneFactor, a developer of phone-based security solutions, has announced that their new solution from them offers three-factor authentication over the phone. The company expects the solution to fit in well in a number of agencies and organizations seeking more secure and quicker methods of authenticating customers over the phone when sensitive or personal data may be exchanged. 

by Bryan Ichikawa, Unisys Corp.

In discussions of identity, Public Key Infrastructure (PKI) is often mentioned in the same breath as smart cards and biometrics. While the latter two are widely known and becoming familiar to their many users, PKI can still be confusing.

PKI stands behind the smart card and provides the platform for it to be successful. So with more digital identity documents being issued and PKI becoming more prevalent it’s important to get a handle on the technology. PKI can be expensive and could be hard to deploy when it was a new technique, but now it’s become mainstream and is commonly deployed in identity projects. 

ARX Inc. and IDology Inc. have partnered to create secure authentication solution for enterprises. The combination of the ARX CoSign and IDology ExpectID products means more secure online transactions and more opportunities to fight fraud.

CoSign, a provider of standard digital signatures collaboration with ExpectID IQ, an identity verifying solution, enables businesses to be assured documents are being signed by the right people. The new solution identifies the signer of important contracts, disclosures and other documents before attaching a forgery-immune digital signature. 

VASCO Data Security has released DIGIPASS for Windows Mobile. The new product will enable Windows Mobile users to have have access to m-banking, e-banking and e-commerce with DIGIPASS two-factor authentication.

The application is designed for corporate networks to allow secure remote access to business applications for employees. DIGIPASS for Mobile can be installed through as single download, or for corporate deployments a USB connection can launch the authentication application directly onto the mobile phone.