Skip to main content

Microsoft And Apple Are Killing The Password

By

Reference: Techgig.com


Let me see if I can guess your password. 12345? Qwerty? How about abc123 or Dragon or trustno1 (yes, I see what you did there), or Master? If I guessed right, then shame on you: all of those feature in the top 25 worst passwords -- along with plenty of other all-but-impossible-to-crack strokes of genius like 111111 and letmein (yes, I see what you did there, too).

Passwords: Decent ones are impossible to remember; easy ones are hardly worth having at all. Passwords: An alphanumeric-must-be-changed-monthly-with-no-repetition plague on all of our houses.

This is not a new problem, of course, and nor is it the first time that the death of passwords has been announced. Over a decade ago, Bill Gates was predicting the end of passwords, and yet millions still have a Post-It note stuck to their monitor with '1234567' written on it. And so passwords still leak, by the billion.

But this time around, could the end really be in sight for passwords? Microsoft has confirmed that it is working to kill off passwords in Windows 10, introducing a whole new set of options by adding support for the Fast IDentity Online (FIDO) standard.

That means you could be logging on with your face, voice, iris or fingerprint (or your dongle) depending on which method your organization chooses.

And it's not just on the desktop: similarly on the consumer side, Apple's Touch ID for the iPhone 5s, 6 and 6 Plus, and iPad Air 2 and Mini 3, replaces a passcode with a fingerprint. Samsung's flagship Galaxy S5 also has a fingerprint reader. While no technology is entirely secure, fingerprint readers have improved dramatically in recent years: Apple claims you would have to try 50,000 fingers to find a random match -- which it argues is much more secure than the one-in-10,000 chance of guessing a four-digit passcode. This week two UK banks announced that they will use Touch ID to allow customers to access their bank accounts.

It's a lot easier to forget a password than it is to forget your fingers or your eyes, and you can't write either of them down. That should help with some of the more boneheaded security lapses. Apple's system and the Microsoft-supported FIDO standard also have a different architecture to the old password-based model: rather than one central store of fingerprints or other biometrics, they are stored locally, which makes it much harder for hackers to swoop in and bag millions of credentials as commonly happens now.

The move away from passwords certainly removes a horrid security vulnerability that we have been living with for decades. But we should still move cautiously when it comes to biometrics, for several reasons.

Passwords are mostly abstract (unless you're one of those fools who uses names of family or pets) and impersonal. Biometrics, by contrast, are deeply and definingly personal, and the uses to which they're put ought to be carefully monitored. The intelligence services' insatiable hunger for all kinds of data would make such information an irresistible target, for example.

In some ways, biometrics may be a too perfect a way of proving our identity. For many services, a vaguer sense of identity is more appropriate: most people would be uncomfortable about an auction site or an once-visited online retailer having access to such intimate details. Online identity has often been ambiguous, fleeting and shifting for all sorts of reasons. Biometrics provide an absolute level of identity that must be used carefully.

Right now, part of the wonder is that on the internet still nobody knows if you are a dog. If we have to provide fingerprints -- or paw prints -- for every transaction, then some of that magic will be lost.


Comments

Post a Comment

Please leave your comments here.

Popular posts from this blog

Microsoft Ends Support for Windows 10 Version 1803, Users Advised to Update Now to Get New Features

By
Microsoft has announced that the company will no provide updates to PCs running Windows 10 version 1809 (aka October 2018 Update) as it will no longer support the outdated operating system. Originally, support for the Windows 10 version 1809 was supposed to end early this year; however, it was delayed to the COVID-19 pandemic, therefore giving more time to users and IT professional to update their systems. As a result, users with Windows 10 Home or Pro editions of Windows 10 version 1809 will not receive monthly security and quality updates containing protections from the latest security threats. To update to latest Windows OS, users can head to Settings > Update & Security > Windows Update. Although several users are likely using the Windows 10 version 1909 as Microsoft started rolling out the automatic update last December, the newer version might be unavailable to those who turned off automatic updates. Typically, Microsoft brings new features for Windows 10 versions fo
Post a Comment
Read more

Google announces new career certificates for tech job-seekers

By
Google launched three-course certifications to help job seekers and professionals. It is to enhance their skills and help them grow in major fields.  Google has launched three major certification courses for job seekers to help enhance their career in the technology domain. The flexible online training will help job seekers to polish their skills in their high-growth fields and track jobs.  The courses will target the major fields such as User Experience Design (UX), Project Management, Data Analytics, IT support, and Android Development. This is a way to expand the employer consortium, get job seekers enrolled with the latest certifications, and introduce new tools to improve the job search.  CEO of Google and Alphabet, Sundar Pichai, announced the new Associate Android Developer certification that will help in Android development for entry-level jobs. It is predicted that by 2025, the US market will open up to 1.3 million jobs.  Here are the Google Career Certificates that users can
Post a Comment
Read more

10 tips for protecting your most important data

By
From: Techgig.com For many modern businesses, their data is their most valuable asset. However, these days it seems every morning brings news of another high profile data breach. Sadly hackers are becoming more sophisticated and more determined than ever before, but this doesn’t mean businesses can’t take steps to protect themselves. Just a few considerations regarding security processes can be enough to ensure would-be hackers move on to an easier target. Here are ten tips which can help individuals and businesses of all shapes and sizes better protect personal data, financial information and privacy. Keep your operating system and all software up to date. This is a tip you’ll hear time and time again from security professionals. Those pesky OS and computer software updates are not only important from a functionality standpoint, but they more often than not contain critical security updates and vulnerability patches. Where possible, enable automatic software updates to
Post a Comment
Read more