Are Passwords Obsolete?
1 January 9, 2015 at 9:20 am by Catherine SmolaHow many times per day do you use a password? Between online banking, email, mobile devices, online shopping and social media, that number could easily be in the dozens. Despite the importance of passwords in an electronic world, however, most people – over 55% in a 2013 study – use the identical password for most if not all of their varied accounts.
One Password, One Big Risk
This habit presents an enormous risk, because even if the password itself is difficult to crack, it functions as a master key to your online life. This is especially true when paired with your username, which is also likely to be identical across multiple accounts. A breach of security anywhere, even an online bookstore, could grant a hacker access to everything from Facebook to your credit cards and leave you open to fraud and perhaps even identity theft.
The basic tenets of digital security (use long, complex passwords, and change them often) are sound in theory, but given the sheer number of accounts we need to access daily, there is simply a limit on how many passwords any one person can reasonably expect to remember.
A common solution is to use a password manager, a program that manages and stores every password you create. It reduces the number of passwords you’re required to remember down to just one: your password for the manager itself. With that in place, you may create strong, unique passwords for everything else. A breach on one account is insulated from the rest of your electronic life – so long as the manager itself remains secure.
While passwords can be managed and kept safe, as technology continues to advance it is worth asking ourselves:
Are Passwords Obsolete?
While we commonly think of passwords as a means of controlling access, in reality their purpose is to verify identity. As a technology, passwords are little more than pressing buttons in sequence on a keypad – anyone can learn that sequence and act with your authority. Biometrics, on the other hand, is a sophisticated and growing field that uses unique, difficult-to-falsify biological markers to positively identify an individual.
Such technology is already in wide use. IBM introduced fingerprint readers on its ThinkPad laptops in 2004, and Apple made them a staple on its smartphones in 2013. Mobile devices running Google’s Android operating system can recognize faces, allowing users to unlock their phones and tablets with a glance. Even eye-scanning technology is a modern-day reality rather than the science fiction we imagine: the Canadian government trusts it enough to deploy in airports for passengers enrolled in the NEXUS Trusted Traveler Program, automating the procedure of identity verification and customs clearance.
And those examples don’t even include concepts such as voice recognition and heart rate identification, the latter of which can be worn as a wristband and has attracted the attention of a major Canadian bank.
Are passwords about to become extinct? How will the evolution of biometric technology as a means of identity authentication impact insurance and the broker distribution channel? Join the CSIO eXchange discussion forum to share your thoughts and hear from other industry professionals.
Note: By submitting your comments you acknowledge that insBlogs has the right to reproduce, broadcast and publicize those comments or any part thereof in any manner whatsoever. Please note that due to the volume of e-mails we receive, not all comments will be published and those that are published will not be edited. However, all will be carefully read, considered and appreciated.
Password Managers are not a solution but rather a symptom of the problem. I use a very well known product to allow me to create and record random passwords for sites. This “solves the problem” so to speak but really just shows that a better way needs to be identified.