survival of the fittestHas the Time Come for Passwords to Die?
These days, even the word "password" can make us weary. There are so many rules and advice on how to keep good "password hygiene", and being constantly alert and ready has led us to so-called security fatigue.
According to Malwarebytes, an anti-malware software company, we have become desensitized to the dangers of cyber-crime. People are constantly encouraged to be alert, to update and use complicated and hard-to-remember passwords, run antivirus programs and participate in two-factor authentication, but they are not completely sure what may happen if they do or do not comply with such requirements.
A survey conducted by OnePoll in 2016 found that only 16 percent of respondents maintained a unique password for each online account, while over 25 percent of respondents said they had experienced a digital breach in the last 12 months. This means that a vast majority of people reuse the same password over and over again, so if one account is compromised, they are all compromised.
According to a Visa Biometric Authentication study, 73% of European consumers see two-factor authentication, where a biometric is used in conjunction with another authentication method, as a secure method to confirm an account holder.
Juggling all the logins, pins and passwords has understandingly led to security fatigue: using the same password for all accounts, choosing weak and easy-to-remember passwords and writing them down. And that can lead to serious breaches, data loss and financial damage, which can happen in a matter of minutes.
DEATH OF THE PASSWORD
Back in 2004, Bill Gates claimed the password could not meet the challenges of keeping information secure and predicted their demise. Today they are still very much alive, but as we are faced with growing cybersecurity threats, and living in times when technology is advancing in giant leaps, the question is – has the time finally come for passwords to die?
Researchers of the U.S. Federal Trade Commission found that it takes only 9 minutes for hackers to try to use the stolen data.
For many, passwords seem like an antiquated technology and experts are continuously calling for the death of the password, but is this premature?
Surely, people are tired of thinking up new combinations of letters, numbers and symbols, and it is becoming increasingly difficult for the right combination to keep the hackers at bay. And new technologies are certainly not helping their case. It seems, however, that passwords still can help keep us secure and are set to stay alive a while longer – as a secondary or fallback authentication factor.
In other words, it is clear that we cannot keep relying only on passwords, but we can combine them with advancing technology that not only raises the bar for security, but also supplies better user experience.
The Future of Digital Security
In a OnePoll's survey, 52 percent of respondents said they preferred to log into online accounts using modern authentication methods such as biometrics or two-factor authentication. Moreover, 80 percent of respondents said they believed biometric authentication to be more secure than traditional usernames and passwords.
Besides increasing security and reducing fraud, biometrics is also being used to drive speed, efficiency and improve customer experience. In an age where people log onto everything, from their bank accounts to social media, from multiple devices, multiple times a day, biometrics are seen as the future of personal online security.
According to a Visa Biometric Authentication study, European consumers believe biometric authentication methods will improve the payment experience and make paying for goods and services easier and more convenient. 42% of European, and not just the younger generations, believe biometric authentication has potential to eliminate the need for multiple passwords and PIN codes. Even people over 65 are open to biometrics replacing PINs and passwords for authenticating payments - 48% of them would like to use fingerprint scanning, while 34% would like iris scanning.
The Challenges and their Answers
However, even though biometrics adds extra security and convenience, there are still a number of barriers to the overall adoption of biometric authentication for payments.
A Visa Biometric Authentication study showed that 39% of Europeans see the cost of purchasing a personal device that allows for biometric authentication as the biggest barrier, while 30% consider the embarrassment of biometric authentication not working as it should in public, increasing to 35% for 18-24 year olds, as a considerable barrier.
The Secret Life of PasswordsPasswords do more than protect data, wrote The New York Times Magazine. They protect dreams, secrets, fears and even clues to troubled pasts, while for some they serve as an everyday reminder of what matters the most. Read more here.
Biometrics poses additional challenges, according to M2SYS Blog On Biometric Technology. One is spoofing – although very difficult, select biometric attributes such as fingerprints still can be spoofed – and the other one relates to external factors such as the environment, age or ethnicity that can affect the integrity of individual biometric characteristics, thus rendering them ineligible for use.
However, these are only temporarily limitations that will be overcome by technology and innovations such as liveness detection technology or multimodal biometric authentication that eliminate fake fingerprints or environmental factors.
Passwords are surely here to stay, at least for the time being. They will, however, need to learn to co-exist with biometrics and "play along" to provide different layers of security to our increasingly threatened cyber world.
History of Cybersecurity
Do you know when and why the cybersecurity industry emerged? Find out in our podcast.
Sources: GCN, Forbes