Image via Flickr by Infosec Images | CC BY 2.0
Managing passwords has become an essential part of everyday life. Whether it’s paying your bills, logging into your email, or accessing your private social media accounts, your passwords are often the only line of defense that keeps your information safe from hackers. While creating strong passwords is an important security practice, many experts have suggested that passwords are quickly becoming a thing of the past. As security breaches have shown how weak passwords are at protecting our vital information, many companies have begun to adopt new security practices.
To give you some insight into the strengths and weaknesses of passwords, as well as what we can expect for the future of security, our staff put together this overview.
Passwords Have Become a Hassle
One of the biggest drawbacks that has become apparent in recent years is that passwords are cumbersome. As hacking tools have become more advanced, websites have been forced into a security arms race that forces users to come up with ever more complicated passwords. Gone are the days when a single password was sufficient for all your accounts. Modern websites now require a string of complicated characters that can make your password hard to remember.
Because it can be difficult to remember your password for every website, the average person now spends over 10 hours each year just resetting and managing their passwords. This time ends up costing a substantial amount of money in terms of lost productivity, not to mention it’s an annoying experience. While password management tools have recently gained popularity as a way to avoid this experience, they have not been widely adopted and still come with some security risks.
Passwords Can Be Easy To Guess, Hard To Remember
One of the biggest problems with most modern passwords is that they are hard for the user to remember, but might be easily guessed by phishing software or determined through brute-force attacks. This problem forces users to develop increasingly complicated solutions to remember their account information, while hackers are able to easily socially engineer the information needed to crack the code. With this issue in mind, Google recently predicted that passwords will become a thing of the past, and as a result, phishing attacks will stop being viable.
Password Management Software Isn’t a Perfect Solution
Password management apps generate incredibly secure passwords for you to use and store them all in one central, easy-to-use tool. While these applications give users more security than simply coming up with passwords on their own, recent security breaches have shown us that these are not a perfect cybersecurity solution for businesses. Password management apps are a band-aid solution that, while well-intentioned, do not cover all the weaknesses of our current password systems.
What Can Be Done About the Problem?
The weakness of passwords is no secret in the IT industry. While everyone acknowledges that there is room for improvement, our reliance on this system has made it difficult to adopt new solutions. Changing a security system that is so widespread creates innumerable problems to deal with, but that doesn’t mean it’s not a worthwhile endeavor. The ubiquity of two-factor authentication devices in recent years has made it harder for hackers to access our private information, but even these devices are not free from fault.
Because two-factor authentication systems are only as secure as their weakest point, once a hacker gains access to the email registered to your device, it’s game over. This weakness has led to the development of physical devices that generate your security code without needing access to your email. These devices have become a popular solution for people who care about cybersecurity, but many people are unwilling to buy a separate device just to increase their security.
On one extreme end of the spectrum, PayPal has proposed wearable, electronic tattoos that contain all of your secure information. In their presentation entitled “Kill All Passwords”, the company presented these tattoos as a secure replacement for traditional passwords. While it’s clear that these tattoos would increase security, people are doubtful that this solution would ever be adopted by the masses. Still, this idea presents an interesting solution for the future of the password problem.
Is Biometrics the Answer?
PayPal’s idea may seem extreme at first, but it’s undeniable that it presents a strong argument for increased security. But instead of implanting this information into people’s bodies to store their digital identity, more companies have opted to use biometric information that’s already available. Our fingerprints are completely unique and have always been used as a reliable way to identify people.
Fingerprints present what many people consider a solution to the password problem. Rather than creating increasingly complex passwords, buying digital authentication gadgets, or tattooing ourselves, why can’t we just use our bodies as a password? Many companies have already adopted this technology for physical devices, but the technology for using it as a way to gain online entry is not widespread.
Getting Rid of Passwords Will Save Money in the Long Run
While solutions to this issue vary, most experts agree that traditional passwords are on their way out. Adopting a new, more secure system of identification will be challenging, but it’s an important change. Getting rid of our current password systems will not only save millions of dollars in lost productivity, but increased security measures will protect vulnerable individuals from nefarious online attacks. The bottom line is that there is money to be made in creating a solution to the password dilemma, so there is sure to be an answer in the coming years.
This was just a brief discussion of our views on the security of modern passwords, and some of the possible solutions we are interested in. If you want to learn more about what it takes to design a secure password system or to learn about the IT services we provide, please give us a call. We are dedicated to protecting our clients from online dangers, so please reach out today.