Passwords. That word alone is enough to conjure up images of being annoyed at having to reset one for the umpteenth time, yet they are our one true defence against threat actors. Overtime, passwords have become increasingly bad at that job. Thanks to hacks, data breaches and blatant phishing attacks, they are also a legitimate concern when it comes to security and they are not user friendly either. You have all these rules to follow to set a strong password and chances are once you do that you will forget them almost instantly.
What are the alternatives?From what major technology corporations have learned over the years of phishing attacks and breaches due to passwords, the alternative must be more secure and less cumbersome to use. One of these is biometric authentication. The reason why this is looked at as a popular alternative right now is that most people already own phones that have a fingerprint scanner. A mid-range Android phone that will cost anywhere from Rs.15,000 to Rs.20,000 already has biometrics built-in. So, it is the next logical extension to use as a sign-in device for pretty much all your services.
If you do not happen to have a phone that has a fingerprint reader or do not want to spend that much to buy one, you can alternatively look at biometric USB readers. Once again, these are available at a variety of price points with the cheapest one starting at Rs 1,000. These are super easy to set up and use as well. Some of these are available as USB Flash drives as well, so they can authenticate your logins and store data at the same time.
These make the most sense for enterprise usage as well since they are a natural extension to the biometric login systems companies already use. They are difficult to hack as well giving them an extra layer of security.
Another alternative is two-step authentication. These come in two flavours. One uses an authenticator app and the other one relies on SMS. In both cases, a code is delivered to your device, which you will then input into the service you are trying to access to login. Another way to simplify this approach is by eliminating the random code altogether and instead verifying your identity through a physical key connected to your USB. Once your credentials are verified, you are then given access.
Yet another alternative is face-recognition. Most phones and laptops already have a webcam that can be used for authentication services like Windows Hello or FaceID on Apple devices. It is a convenient way to authenticate since it requires no press of a button and is completely hands-free. It is not perfect but there have already been a significant number of improvements that have been made since the debut of the technology.
Organisations like Microsoft are also working on a decentralised blockchain based authentication system which will allow usage of one username across all services and platforms. Your identity will be decentralised and not stored on a single server anywhere which means no more data breaches.
FIDO (Fast Identity Online) is a consortium of major technology companies like Amazon, Apple, Google, Paypal, Microsoft etc. that are working towards establishing new, safer standards for online authentication that give users a better user experience and a more secure way of protecting their data.
2020 was a major year for biometrics and two-factor authentication systems with many users migrating their accounts over to more secure login systems. It was also unfortunately the year of breaches and hacks with more than 80 percent of them happening because of leaked or weak passwords that allowed credentials to fall into the hands of threat actors.
One reason passwords have so far managed to survive is because they are familiar and are ingrained into the cultural psyche which makes them very hard to separate. Let us face it, nobody has ever really loved passwords, but we also do not want the system to change because its human nature to be resistant to change, even if it is in our benefit.
Thankfully, this sentiment now seems to be changing given how insecure passwords have proved to be in the last year. With the pandemic induced lockdown forcing a lot of companies to change their work strategies, they have also started to take a deeper look at the security of their work systems. IT infrastructure in general is in a state of overhaul right now and with more information on how secure our systems can be spreading to the public, let's hope we get rid of passwords sooner rather than later.
Discover the latest Business News, Sensex, and Nifty updates. Obtain Personal Finance insights, tax queries, and expert opinions on Moneycontrol or download the Moneycontrol App to stay updated!
Find the best of Al News in one place, specially curated for you every weekend.
Stay on top of the latest tech trends and biggest startup news.
