August 05, 2019
Practitioners accessing the EyeSpace Online system recently noted a change in the user access security system now requiring email authentication.
Many have asked us why the change?
Over the last number of years, the potential for online privacy breaches has grown significantly. In response to these threats, many countries have ramped up their data privacy policies. Moving towards compliance with these new laws, EyeSpace is tasked with the difficult job of enforcing security best practices which many practitioners have likely not come across before.
Passwords are one of the most significant weaknesses in a modern information system. Password requirements, such as imposing a minimum number of characters, encourage users to reuse passwords across different accounts, which creates another set of problems both for the provider and the practitioner.
Removing password-based access in favour of email authentication, at least for now, has allowed us to significantly increase security without maintaining a complicated system subject to compliance issues.
Navigate to the eyespacelenses.com website.
A new window will open requesting your email address.
You will receive a once-off time-limited code sent to you via email:
To complete the login process:
Chrome users can change the browser settings to keep the session active even after closing the window. With this option activated, it is highly recommended to log out of Chrome at the end of your work session.
Benjamin Edwards, Steven Hofmeyr, Stephanie Forrest, Hype and heavy tails: A closer look at data breaches, Journal of Cybersecurity, Volume 2, Issue 1, December 2016, Pages 3–14, https://doi.org/10.1093/cybsec/tyw003
“...a password, and all the accounts it provides access to, can be no more secure than the weakest system using that password.” Ives, Blake & Walsh, Kenneth & Schneider, Helmut. (2004). The Domino Effect of Password Reuse. Communications of the ACM. 47. 75-78. 10.1145/975817.975820.