Kusic and Kusic Private Investigators
Investigating Across the Lower Mainland Since 1994.

The Future of Passwords: Solving the Password Problem

biometrics, passwords, online privacy, iris scan

Surveys show that “80 per cent of mobile consumers surveyed use the same login credentials across all of their accounts,” mostly because of the difficulty associated with remembering login information.

In an ideal world, passwords wouldn’t be easily hacked, and people could remember dozens of unique and highly complex passwords for all of their online accounts.

The reality is that it’s very inconvenient to track a plethora of online passwords. Even when people religiously follow the rules of creating secure passwords, hackers can use popular password cracking tools like Cain & Abel, phishing schemes, and malware to steal your passwords.

Some companies, such as Twitter and Yahoo, have attempted to address this issue by using a two-step verification process. In addition to using their regular password to access their accounts, users can elect to have a verification code sent to their mobile phones.

While this process makes your password more secure, it still doesn’t address the issue of inconvenience. Is a two-step verification process for all of our online accounts the answer? With today’s emerging technologies, the simple answer is a decisive no.

Does this signal the death of the password? According to PayPal’s chief information security officer Michael Barrett “passwords and PINs are obsolete and we need a new standard for security on computers and the Internet.”

Barrett believes that fingerprint scanners, which may be available in an upcoming version of the iPhone and other smartphones, will over time replace the need for passwords.

Judging from recent news stories and technological advances, the solution to the password problem can be summed up in one word: biometrics.

Companies are experimenting with the possibilities of using biometrics. Some proposed solutions are more likely to catch on than others.

In that vein, Google has experimented with some decidedly disturbing solutions using biometrics in place of traditional passwords.

For instance, they are working on a pill that  “can be ingested and then battery-powered with stomach acid to produce an 18-bit internal signal” that transforms “the swallower’s whole body” into a password. The pill could be taken daily for up to a month.

Similarly experimental, Motorola has been behind a novel solution to the password problem: tattoos. Flexible electronic tattoos are being developed that adhere to the user’s skin using a rubber stamp.

These sci-fi type of experiments with biometrics may be too extreme for the masses to adopt anytime soon. What are some more likely scenarios that use biometrics?

Google has recently filed a patent designed to secure Android phones or tablets using facial recognition capabilities. Users are able to use specific facial gestures–such as frowning twice then blinking–to unlock their phones. Google will need to address some security concerns where people have used photos in a strategic way to trick the feature.

Voice biometrics offers another possibility. Your unique voiceprint is used as authentication in lieu of a conventional password. Hackers attempting to fool the voiceprint could leave behind their own voiceprint which can be used against them when handed over to law enforcement.

Download the VoicePrintScanner app to get an idea of how real voice biometrics can protect your confidential information. This app allows you to access your passwords using your unique voiceprint. Go ahead, have some fun with it!

Iris scanning is another type of biometrics solution for authentication. It works because each eye is completely unique even between identical twins.

For a taste of biometric authentication that allows you to access your confidential information on your iPhone by allowing you to scan your iris, use the eyeD Biometric Password Manager app that claims to protect your sensitive data with military-grad AES 256-bit encryption.

Other biometric capabilities for authentication purposes involve palm-pattern, dynamic signature verification and vein pattern recognition.

This infographic allows users to compare biometric solutions to authentication based on security, accuracy, price, speed and device size with vein-pattern and iris recognition being the most secure and accurate.

Photo Source: Flickr

Posted in: Current Events, Privacy Issues
Tagged: , , , , ,