Story image

Review: Locker Password Security

There’s a million password security and token systems out there, what makes Locker an RSA killer?

In the last week both my Twitter and Pinterest profiles have been hacked. I’m one of the users who’s info appears to have been obtained via the recent attack on Adobe.

I’m a geek and my passwords are 13 characters, but I fell foul of the single password problem. It doesn’t matter how long your password is, if you use the same one or a variation on the same password, you are easy prey to spammers.

When companies get hacked and data is obtained, they’re not after your credit card details, they’re after your email and password. You are your brand and you’re worth a lot to them.

According to Forbes, the average value of a social media user is approximately US$100. If a hacker gains access to multiple user’s social media accounts, the value of using them as a marketing tool is massive. Luckily, social media accounts are hacked by spammers who post rubbish that’s easily spotted.

Your brand is massively important. What if someone had access to your account and posted links to a related product? You’d be pushing your users to their product and you may not even know. This could be catastrophic for your brand.

As a company, who has the keys to your social media accounts? Is it one person or many?Is it someone who updates it from home? Imagine a disgruntled ex employee who still has access to your social media page. Anyone remember HMV? Protecting your employee’s passwords to their social media page is as important as yours if you use social media.

Locker is a product by innovative Kiwi company Optimizer that aims to solve the problem for personal users and companies.

It’s a true two factor secure locker that stores not just passwords, but any data you want kept from prying eyes. It creates long massively secure passwords (not just letters, but numbers and symbols).

There’s a lot of companies that do password security, but they’re not proper two factor and someone with a little bit of skill could easily hack.

Locker Personal is a set of two solid metal USB ‘keys’ that you setup, lock one away and put the other on your keychain. That way it’s always with you. You download the Locker application, install the browser extension and you’re ready to go.

So what’s the difference? Well Locker requires not just the key plugged in, but also the passphrase that you create. A lot of password managers use a passphrase, but that’s only one point of security. With Locker, you require the physical key as well. True two-factor security!

Don’t worry if you lose it or it gets stolen, no one can access your information without your passphrase. Lots of other systems (inc Google) recommend SMS as the second factor, but that’s pretty easy to get around ;) As Locker securely stores your passwords (they can’t even access them), you can recover your passwords with the backup key.

But as a business, what use is that for you? Locker offer an Enterprise version. This is a physical server stored in your data centre providing you your own encrypted private cloud. You provide a key to each of your users. It works with your existing permissions to give access to users on your terms. If they leave, you can kill the key remotely.

Gone are the days of RSA keys, USB security tokens are where it is heading. But here’s where they have their flaw just as much as RSA keys. They require an application running on a VM in your data centre. If they’ve got access to your network, they’ll have the skills to access your VMs. If major Universities can be hacked, why would your business be any different?

Locker takes a different approach. With a 1U physical server in your data centre, if someone wants to access it, they’ll need to have the physical master key and plug it into the server. That’s some James Bond or Ethan Hunt stuff right there!

Pros:

  • Personal version securely stores passwords, credit card details etc
  • Enterprise version stores passwords, documents and data in your company’s server
  • Remote recovery and killswitch
Cons:
  • Physical access to server required, but is that a con?
Summary:

Locker stores your important documents and data in your own encrypted cloud and can back it up to a secure private cloud here in NZ.

As a business in today’s security conscious environment, it’s a no brainer. If you’ve got data you want securely kept away from prying eyes then you seriously need to consider Locker.

If you’re C-Level or above, ask yourself this question. How much do you value your IP or brand? Locker provides an answer that’s ideal for NZ businesses. You get to keep your IP secure and for backup, where would you rather it be, USA or NZ?

Score: 4.5 / 5

Story image
08 Nov
NZ car retailers bringing test drives to a whole new level
Local car retailers are converting a new SUV into an Xbox controller, allowing customers to experience the capabilities of the vehicle while inside a virtual environment.More
Story image
06 Nov
Game review: Hideo Kojima presents Death Stranding
Death Stranding is a fun and unique game if you want to play something new and different. If you want all-out action, you may want to go out and play something else instead. It’s best to research the game as much as you can before you decide to buy it though.More
Story image
31 Oct
Alibaba Cloud and Animal Logic extend collaboration
Through this partnership, the parties hope to drive efficiencies of media production by utilising more cloud computing technologies, according to a statement.More
Story image
08 Nov
Samsung and Finder launch Aussie first with new credit card search feature
Samsung Electronics Australia and Finder have launched Promoted Cards, a new credit card shopping feature for Samsung Pay which provides Australians with different credit card offers from participating financial institutions.More
Story image
Yesterday
Hands-on review: OPPO ENCO Q1 Wireless Noise Cancelling Headphones
The tone and clarity is brilliant. I’m just waiting to see how they cope with Barry Gibb’s falsetto. The melody and lyrics are clear with rich tones. Oh no! I can feel my feet tapping and my arms want to disco! Help! More
Story image
Yesterday
Consumers fail to see value of 5G, Deloitte study finds
Up to 84% of respondents said they were not prepared to pay the $15 premium operators are proposing for 5G, indicating that telcos need to better communicate the value of the upgrade to consumers, Deloitte says.More