Logo Header Menu

Is it time for businesses to nudge us towards the death of passwords?

Passwords are no longer fit for purpose. There is a better way and it is time for businesses and indeed all publishers of websites to push us towards a more sensible system of identification, leading us towards the death of passwords Is it time for businesses to nudge us towards the death of passwords? image

It’s now in the stats. Some people find passwords more stressful than divorce. A tad under a half find remembering all their passwords overwhelming. Frankly, it’s surprising the numbers are as low as the data says. According to a survey carried out by Bilendi on behalf of GMX, among 1050 people, 8% find think that remembering all their passwords is more stressful than a divorce, changing jobs or getting a speeding ticket. 41% find remembering passwords overwhelming. If there is one death that people would surely not mourn, it would be the death of the password.

The survey also found that there must be an awful lot of people with amazing memories. No less than 40% rely on their memory for password recall — 20% write their passwords down on paper. (Big sheet of paper!).

To be clear, as all technologists know, we are supposed to have different passwords for each account and we are supposed to change them regularly — every day, some say.

The passwords must not be words that are in the dictionary, and there must be numerical and ideally contain symbols such as % or *.

All the more impressive then that 40% of people are able to memorise all their passwords. Doesn’t this memory feat make you feel humble? Forget about the death of passwords, if only we all had memories like this we would be fine. Maybe we could all recite pie to 200 decimal points while we are it.

Will biometrics replace passwords, or complement them?

It would be interesting to know how many CTOs or CSOs — chief security officers — get it right. The survey found that 19% of ordinary folk frequently get locked out of an account because of multiple incorrect attempts. 18% get websites to log them in automatically. What percentage of CTOs do that, one wonders?

Setting aside the apparent superhuman memory that 40% of us are blessed with, it does seem likely that the system isn’t working.

Too many people use the same password for multiple accounts — we don’t need surveys to tell us this. The reason is obvious, it is too difficult. For many of us, passwords have become the bane of our lives. The system is broken, there needs to be a better way, passwords must die.

Microsoft’s authentication system for Windows 10 is a step in the right direction. It is now officially recognised as an authenticator, which means the company is inching towards completely killing off passwords in its software and services.

But as Mark Twain, CSO for Huckleberry Finn said of the password “reports of my death are greatly exaggerated.” It is like the Mountain from Game of Thrones, no matter how we stab at it, the death of the password remains elusive.

As Jake Moore, security specialist at ESET said: “The password option will still be a feature in the background as Windows won’t get rid of it completely, so users will still have to adopt better password management and multi-factor authentication to protect their data in case their information gets into the wrong hands.”

Will technology really destroy jobs? Amber Rudd reckons automation is driving the decline of banal

Jason Hart, cyber security expert and chief technology officer for Gemalto’s data protection solutions, isn’t so sure. “It’s time to retire passwords as a security solution,” he said. In an attempt to hammer the nail into the password coffin he added: “After years of employees using the same credentials to log into everything from social media to corporate networks, should just one account be breached, all associated accounts risk being compromised too.

“What’s needed now is an adaptive, intelligent approach to the log-in experience. Innovative technologies such as Passwordless authentication with Smart Single-Sign On allow users to log-in to multiple applications with a single identity, removing the need for passwords altogether. By taking into account contextual information, such as user location, and app sensitivity and previous log-in attempts when verifying users, and combining these technologies with multi-factor authentication when needed, its possible to dramatically reduce the risk of false log-in attempts and repurposed passwords.”

He is right, of course. There are multiple password management options already. The real problem is that not enough people know about them.

GDPR imposes a duty on companies to treat our privacy as a human right. Increasingly tech firms have moved from the GDPR’s privacy by design to call for ethics by design.

We now need password-made-easy by design too, either that or organisations must advance systems that don’t require passwords at all, rather they require some form of biometric security.

It is not the customer’s job to remember hundreds of passwords complete with non alpha numeric characters/symbols. The customer expects their life to be made easy, not more stressful than divorce or getting a speeding fine.

It is up to technologists to promote to end users a better way. If they can orchestrate the death of the password, they will be seen as heroes.

Latest news

divider
Start-up scene
Protecting tech startups without compromising on innovation

Protecting tech startups without compromising on innovation

22 July 2019 / Protecting tech startups — an afterthought for the innovators? Tech startups are fast becoming the [...]

divider
Data Protection & Privacy
Updating RegTech trends for what really matters in 2019

Updating RegTech trends for what really matters in 2019

22 July 2019 / Whether you’re already using RegTech or plan to start doing so this year, it’s crucial [...]

divider
Start-up scene
What’s driving growth in Northern Ireland’s tech startup scene?

What’s driving growth in Northern Ireland’s tech startup scene?

22 July 2019 / In recent years, Northern Ireland’s tech startup scene has seen massive growth and success. According [...]

divider
People Moves
Former SAP COO, Melissa Di Donato, appointed CEO of SUSE

Former SAP COO, Melissa Di Donato, appointed CEO of SUSE

22 July 2019 / Melissa Di Donato, accomplished technology executive and former SAP leader, has been named chief executive [...]

divider
Healthcare
10 use cases of artificial intelligence in healthcare

10 use cases of artificial intelligence in healthcare

22 July 2019 / Use cases of artificial intelligence in healthcare — there are many. Today, many technology vendors, [...]

divider
Development & Programming
Can cloud automation growth finally make the case for NoOps?

Can cloud automation growth finally make the case for NoOps?

22 July 2019 / Are we heading to a NoOps way of working? Traditionally, development and IT operations teams [...]

divider
Cyber Innovation
Tech Nation’s cyber security cohort: Fortium Technologies

Tech Nation’s cyber security cohort: Fortium Technologies

22 July 2019 / Information Age has partnered with Tech Nation to help explore 20 of the UK’s leading cyber security [...]

divider
Cybersecurity
Protecting your business from phishing scams

Protecting your business from phishing scams

19 July 2019 / The recent announcement of British Airways’ record-breaking £183 million GDPR fine has put phishing scams [...]

divider
Telecoms
AI is saving telcos money but at the expense of customer service

AI is saving telcos money but at the expense of customer service

19 July 2019 / The rollout of commercial 5G networks is rapidly gathering pace. Both the US and South [...]

Do NOT follow this link or you will be banned from the site!

Pin It on Pinterest