Employees are still using "123456" and "qwerty" far too often. Here are five ID forms that could better protect the enterprise to consider on World Password Day.
Passwords represent a common entry point for hackers in enterprise networks. With millions of professionals and consumers still using the most-hacked passwords like "123456," "qwerty," and "password," and the rise of other more secure forms of identification, it appears that traditional passwords may become obsolete in the near future. Companies including Microsoft have already announced intentions to replace traditional typed passwords with other secure credentials.
But what will the passwords of the future look like? Considering current trends, it's likely that within five years, biometric-based identification systems will be more widespread, and used alongside two-factor authentication for extra security, said Paul Lipman, CEO of cybersecurity firm BullGuard in an email. While traditional passwords won't completely die out in that time, they will likely be supplemented by other measures more frequently, he added.
SEE: Password managers: How and why to use them (free PDF) (TechRepublic)
Here are five things that could replace passwords in the near future, according to Lipman:
Biometric authentication—such as iris, fingerprint, voice, and face readers—are common forms of ID today. However, a flaw in biometrics is that your fingerprint and iris do not change, meaning they are in some ways passwords that can't be reset, Lipman said.
2. Zero login
Zero login refers to the use of unique behavioral characteristics—such as typing patterns, location, and occupation—to confirm identity. It allows users to login to applications without needing to do anything. For example, newer iPhone models allow users to change the pressure of their home button and detect and remember signals from other devices, such as a car or headphone set.
3. Implanted microchips
A few companies have started implanting employees with microchips to replace key cards and passcodes, allowing employees to enter buildings and access computers by placing their micro-chipped hand next to a reader. However, this method has a number of ethical implications, and may be harder to get people on board with.
4. Brain passwords
Brain passwords refer to a digital reading of a person's brain activity while looking at a series of various pictures and objects. A person would be initially authenticated with a passport or fingerprint or face scan. The brain waves responding to different stimuli would reveal a unique biological brain structure, creating a brain password.
5. DNA identification
Nations including Qatar and Estonia already take DNA readings of citizens to track disease outbreaks, Lipman said. DNA-based authentication for other measures is not far away from becoming a reality, he added.
"While these new methods add an extra layer of security, they still have an inherent flaw faced by today's passwords: How and where can you store the information securely and guarantee that it won't be hacked," Lipman said. "Passwords will forever be dynamic as the evolution of technology and ethical considerations continue to collide."
In the meantime, check out Top 5 ways to pick a secure password on TechRepublic.
- Cheat sheet: How to become a cybersecurity pro (TechRepublic)
- 10 dangerous app vulnerabilities to watch out for (TechRepublic download)
- Windows 10 security: A guide for business leaders (Tech Pro Research)
- Online security 101: Tips for protecting your privacy from hackers and spies (ZDNet)
- The best password managers of 2019 (CNET)
- Cybersecurity and cyberwar: More must-read coverage (TechRepublic on Flipboard)