2014 Verizon Data Breach Investigations Report

1582 Words7 Pages

Due to vast majority of security issues and the lack in ability to manage multiple passwords, we decided to create SavePass, a web application designed to safely store the credentials of a user. We decided to embark on this project, due to the nature of the password problem and how they jeopardize individuals or corporations. We defiantly agree that there are such products available in market, that can perform similar functions, but a way we are aiming to keep our product unique is by getting rid of that one password we have to write down or memorize, to access all other passwords. The way we are trying to achieve that is to use a finger print scanner as a gateway to authenticate our servers online and granting access to user password database. …show more content…

In our team we have an average of 5 passwords per person, so it is definite that it gets difficult to remember them, or we end up doing a mistake of using same passwords for all accounts, which is highly dangerous as if one password is compromised then the chances are very high that a hacker can break into other accounts too. Also, during team discussion we realized that more than half of the time we tend to have the frustrating experience of forgetting a password.
According to the 2014 Verizon Data Breach Investigations Report, two thirds of security breaches are done by exploiting weak or stolen passwords. For example, one attack on JP Morgan compromised 75 million accounts and started when one employee's username and password were stolen (Green, 2015). Therefore, having stronger and more unique passwords decreases the possibility that the user’s other accounts will be compromised (Green, 2015). This is because they could use the same passwords for different accounts, or the accounts could be linked together, such as a Facebook account connected to …show more content…

Currently in market the amount of products we have to serve the similar purpose to allow a user to store their passwords securely online is quite a fair amount, but they are all usually priced high. The best 10 password managers all cost money--in the range of 12-40 dollars. And this payment is often per account. If a family wanted each member to have an account this price rises very quickly. (Rubenking).Also six out of out 10 studied password managers were vulnerable to invisible iFrame attacks on rogue website login pages (Silver, Jana, Boneh, Chen, & Jackson, 2014, p. 450). The password manager uses an autofill feature that is used to automatically generate those iFrame fields for the hacker, as a professional hacker can easily mask the login frames and obtain the user credential, at a rate of ten password per second, by keeping the user on the page, by displaying a loading icon, forcing user to wait.
But our idea is to completely eliminate the process of entering that issue by providing two features:
1. Completely blocking the autofill feature, which allows the user who want to use password to enter their credential database.
2. Use a fingerprint scanner as our primary method to enter the

More about 2014 Verizon Data Breach Investigations Report