<p>As the computing capacity and resources available to encryption-cracking hackers continues to increase, simple password security practices have all but lost their efficacy and are symptomatic of bigger picture identity and access management (IAM) problems. Citing research done on data in-house at IBM and industry statistics, researchers with IBM highlighted the deteriorating state of password security in the IBM X-Force 2012 Mid-year Trend and Risk Report it released today.</p><p>"It used to be that the cost to crack passwords with letter, number and punctuation combinations of more than eight characters, with the computing power that was available to the bad guys, was high enough to deter them," says Clinton McFadden, senior operations manager for IBM X-Force research and development.</p><p>[How are your web apps bringing databases under fire? See 10 Ways Developers Put Databases At Risk. ]</p><p>Not so anymore. According to McFadden, IBM tracked market reports and customer stories that show an increasing number of large password stores targeted by thieves, even when the passwords are hashed with encryption mechanisms.</p><p><a href="http://www.darkreading.com/identity-and-access-management/167901114/security/news/240007730/bashing-the-hash-ibm-x-force-on-password-follies.html">Keep reading...</a></p>