Imagine that it is October 2050 and that a group of schoolchildren is visiting an exhibition in a museum in the framework of “Cybersecurity Awareness Month”. Suddenly, a student asks his teacher “What is that?” while pointing to a strange combination of letters, symbols and numbers. “Oh, that’s a password. Your parents used them to access their devices and applications. Since then they have become extinct ”, the teacher responds.
Extinct passwords? How did we get there? The answer is simple: by biometrics and digital certificates.
The password challenge
Let’s not get too ahead of ourselves. Instead, let’s go back to the year 2021.
Password overload is a hassle, not to mention creating and remembering strong passwords that meet specific requirements. According to himAt Dell Technologies, regularly creating, remembering and changing passwords is considered “a hassle” for 62% of US workers. Another Dell study, , found that when users around the world were presented with a long and difficult password to access a computer under time pressure, their stress increased by 31% in five seconds … And continued to increase even after users started the successful session.
These results reinforce that, for most of us, good password hygiene is not a priority: it is, instead, a nuisance. Whether the same password is reused repeatedly, weak passwords are used, or they are written on a sticky note, many of us do exactly what we have been told not to do.
Worryingly, these behaviors aren’t just reserved for working adults. A recentfrom the National Institute for Standards and Technology, US Department of Commerce, explored what students know about passwords and how they use them. The results showed that elementary school students learn and understand the best password practices, but still show poor password enforcement behavior. Once children enter their teens, many begin to share passwords to build friendships and trust.
So if most people understand the importance of good password hygiene, but no one feels compelled to practice it, where do we go?
The idea of using biometrics to identify an individual is centuries old. There is evidence that fingerprints were used as a mark of a person as early as 500 BC and that biometric technology had existed for several decades before. However, it wasn’t until the early 2000s that this technology really started to appear in commonly used devices, and today most of us are familiar with using biometrics to unlock devices and apps. What seemed like a novelty a few years ago, looking at the smartphone to unlock it, has become commonplace.
As biometrics continue to gain popularity as a convenient and secure form of automatic user recognition, the traditional password will become much less attractive to consumers and businesses. In addition, there are increasing advances in sensor technology and the use of AI-based matching algorithms. This improves the user experience and increases security.
Fingerprint readers and facial recognition are now available on major business laptops and are used as part of a multi-factor authentication solution, offering users more secure ways to access their devices, applications and data. than passwords, which are easy to compromise.
In fact, the citedfound that in US companies with availability of biometrically secure computers, about 80% of employees say they use the feature and 64% say they would use it if offered. And that’s not just for convenience – workers also believe those features could help keep company data safe. This, in turn, increases IT administrators’ confidence that the devices and users on their network are authentic.
Surely you are wondering why the use of biometrics is more secure than passwords? Passwords are a string of characters that are validated by a website or service to allow access by a user. Strong passwords are designed to be difficult to guess or replicate, but even the most complex ones can be stolen or compromised. To secure user identities, the use of multi-factor authentication is increasingly required for user access. Biometrics plays a key role in multifactor authentication, as of the three possible authentication factors it is the most difficult to replicate. These factors are: something you know (password or PIN), something you have (device or security token) and something you are (fingerprint or face). Connecting authentication with a user’s biometric match creates the most difficult scenario for a cybercriminal to duplicate. After local authentication is performed, a secure digital certificate is released to the website or service for user authorization.
Coupled with people’s willingness to embrace biometrics in their work teams, there is a real opportunity for this technology to continue to grow, especially as Gen Z enters the workforce. These digital natives have grown accustomed to using fingerprint readers or facial recognition on their smartphones and probably wouldn’t think twice about using the same technology on their computers and other devices. It’s time for organizations to re-evaluate the way they handle work device security and consider incorporating biometrics for their next PC refresh cycle.
We still have a way to go until passwords become obsolete and become a museum exhibit, but in the meantime there are simple ways to keep our data safe without passwords increasing our stress levels:
– Use a password manager to create strong passwords and store them in a safe place.
– Take advantage of multi-factor authentication as well as digital certificates for identity verification and secure communication.
Technology is going to become increasingly integrated into our daily lives, constituting a gold mine for cybercriminals. As we look to a future without passwords, it is up to each of us to do our part and be #CyberSmart.