June 22nd, 2017
Is Conventional Password the Thing of Past? No, Not Yet!
We all use passwords in our daily life. From logging into our social accounts to making a payment online to personal devices and computers, the average consumer uses about 25 or more sites and apps that rely on passwords. No matter how good our memory is, we all tend to forget our passwords every now and then. So, the stronger the password is, the harder it gets to remember.
The world has witnessed data breach in past at eBay (145 million users), Adobe (36 million users), JP Morgan chase (76 million users), and more, and passwords are the prime target. Even though the passwords are cryptographically encrypted, the hackers are still able to obtain the database of “hashed” passwords.
However, there are better forms of authentication available in today’s world. Biometrics is already popular and is found on millions of devices around the world. But then none of the biometrics form such as facial, iris scan, voice recognition works in every situation. But a combination of all of these factors based on whatever environment you are in, could result in a better combination of security as well as ease of executing.
Better yet, what if we use a combination of biometrics authenticators with “passive” factors that are easy to implement? It could be combining it with your Wi-Fi network, or a wearable you use connected through Bluetooth. In such a scenario just the password won’t make anything safer, but other factors combined can solve the purpose.
Although, nicely designed and implemented, physical tokens, cards and phones are easily left behind, lost, stolen and misused. All you will have access to will be the remembered password.
Incidentally, biometrics are dependent on passwords in the cyber space, and so are multi-factor authentications and ID federations like password-managers and single-sign-on services. Passwords will stay with us for long.
Of course, the conventional alphanumeric password alone can no longer suffice and we need an update to that. Maybe, a combination of smileys, or a separate password for each day of the week could be thought about, because a poor password means a Utopia for criminals and a Dystopia for all of us.