Using strong and constantly updated passwords is one of the first steps to take to protect your sensitive data online. To reiterate this, on the occasion of del World Password Day on May 7th, is ToothPic, the innovative startup operating in the cyber-security sector and whose mission is to help organizations protect their digital services. Founded by Diego Valsesia, Giulio Coluccia, Tiziano Bianchi, Enrico Magli – 4 researchers and professors from the Department of Electronics and Telecommunications of the Politecnico di Torino – ToothPic has in fact invented, designed, developed and patented a solution to transform every smartphone into a secure key for online authentication, taking advantage of the hidden and involuntary signature that each camera leaves.
“The theft and compromise of passwords and access credentials to web services represent the most common vulnerabilities and are cause of almost 40% of cyber attacks“remember the founders of ToothPic who, on the occasion of World Password Day, launched a vademecum to control data theft. The first tip is “Do not reuse the same password to access multiple services”, but also “Avoid clicking on links contained in messages or emails, even if they arrive from senders who at first sight are trusted or known, in which authentication data are requested”. In addition, from the startup they remind of “update passwords that are too weak which can facilitate hackers, allowing them to intervene with direct brute force attacks. PiPasswords are long and non-trivial, the harder they will be to decipher, “they warn.
It is also important “protect the same smartphones and computers with a code, password or biometrics that it makes the content at least secure “and finally it is necessary “always enable multifactor authentication, preferring token-based authenticators or app with respect to codes sent via sms “. The founders of ToothPic underline that” unfortunately the numerous thefts of credentials in the last year testify to how much traditional access methods are still too vulnerable, as well as not very user-friendly, especially for companies, financial institutions and public administration “.
“If historically it was necessary to prove knowledge of a password to access a web service, today it is It is advisable to combine another verification factor such as possession – smartphone, token, smartcard- or biometric, thus creating Multi-Factor Authentication (Mfa) schemes “affirm Diego Valsesia, Giulio Coluccia, Tiziano Bianchi, Enrico Magli who, however, highlight:” Although this practice is strongly recommended, it is still largely optional for the user who often does not activate it for usability reasons “.
ToothPic, finally remember the founders of the startup, “it was created precisely to protect the digital assets by making them available the technological uniqueness of its multifactor solution. Our technology, currently protected by 4 patents, transforms each user’s smartphone into a key for passwordless online authentication, guaranteeing a more competitive solution in terms of security, usability, integration and costs compared to the approaches commonly used to access online “.