Skip to main content

Microsoft And Apple Are Killing The Password

By

Reference: Techgig.com


Let me see if I can guess your password. 12345? Qwerty? How about abc123 or Dragon or trustno1 (yes, I see what you did there), or Master? If I guessed right, then shame on you: all of those feature in the top 25 worst passwords -- along with plenty of other all-but-impossible-to-crack strokes of genius like 111111 and letmein (yes, I see what you did there, too).

Passwords: Decent ones are impossible to remember; easy ones are hardly worth having at all. Passwords: An alphanumeric-must-be-changed-monthly-with-no-repetition plague on all of our houses.

This is not a new problem, of course, and nor is it the first time that the death of passwords has been announced. Over a decade ago, Bill Gates was predicting the end of passwords, and yet millions still have a Post-It note stuck to their monitor with '1234567' written on it. And so passwords still leak, by the billion.

But this time around, could the end really be in sight for passwords? Microsoft has confirmed that it is working to kill off passwords in Windows 10, introducing a whole new set of options by adding support for the Fast IDentity Online (FIDO) standard.

That means you could be logging on with your face, voice, iris or fingerprint (or your dongle) depending on which method your organization chooses.

And it's not just on the desktop: similarly on the consumer side, Apple's Touch ID for the iPhone 5s, 6 and 6 Plus, and iPad Air 2 and Mini 3, replaces a passcode with a fingerprint. Samsung's flagship Galaxy S5 also has a fingerprint reader. While no technology is entirely secure, fingerprint readers have improved dramatically in recent years: Apple claims you would have to try 50,000 fingers to find a random match -- which it argues is much more secure than the one-in-10,000 chance of guessing a four-digit passcode. This week two UK banks announced that they will use Touch ID to allow customers to access their bank accounts.

It's a lot easier to forget a password than it is to forget your fingers or your eyes, and you can't write either of them down. That should help with some of the more boneheaded security lapses. Apple's system and the Microsoft-supported FIDO standard also have a different architecture to the old password-based model: rather than one central store of fingerprints or other biometrics, they are stored locally, which makes it much harder for hackers to swoop in and bag millions of credentials as commonly happens now.

The move away from passwords certainly removes a horrid security vulnerability that we have been living with for decades. But we should still move cautiously when it comes to biometrics, for several reasons.

Passwords are mostly abstract (unless you're one of those fools who uses names of family or pets) and impersonal. Biometrics, by contrast, are deeply and definingly personal, and the uses to which they're put ought to be carefully monitored. The intelligence services' insatiable hunger for all kinds of data would make such information an irresistible target, for example.

In some ways, biometrics may be a too perfect a way of proving our identity. For many services, a vaguer sense of identity is more appropriate: most people would be uncomfortable about an auction site or an once-visited online retailer having access to such intimate details. Online identity has often been ambiguous, fleeting and shifting for all sorts of reasons. Biometrics provide an absolute level of identity that must be used carefully.

Right now, part of the wonder is that on the internet still nobody knows if you are a dog. If we have to provide fingerprints -- or paw prints -- for every transaction, then some of that magic will be lost.


Comments

Post a Comment

Please leave your comments here.

Popular posts from this blog

This Was The Thing That Made Steve Jobs So Great

By
Reference: TechGig.com John Sculley It's been nearly 4.5 years since Apple cofounder Steve Jobs passed away. But he remains a role model for many today - the gold standard of a tech visionary. One of the few men who could call himself Steve Jobs' boss, former Apple CEO John Sculley, talks about why in his new book, "Moonshot." "Steve was not an engineer - he just saw different things that people were working on and connected the dots between them," Sculley wrote in his new book, notes the New York Post. Sculley gave the example of how Jobs added calligraphy fonts to the Mac, which created a new market for the Mac as a way to do home-grown document publishing. "That was something no one was working on at the time," Sculley said. Obviously, it's not that easy to look at the world, see what's missing and deliver a high-quality product that fits the bill. Otherwise, we'd all be Steve Jobs. John Sculley/Michael Seto/Busines...
Post a Comment
Read more

Do you require a dedicated system administrator?

By
Technology has evolved so has administrator. Days have gone when people were needed to sit in front of System to monitor or manage it. With growing orchestrations tools and system remote manage capabilities. We really don’t require someone to be deputed to do administration on site. We require people to manage the floors and handle physical issues rather than management issues. Outsourcing Administration and Management of Server assets not only give organization peace of mind but quality Engineers to take care of their infrastructure with excellence. Day has come to take a step ahead and take on board organization as System Administrators rather than Resource with limited knowledge.
Post a Comment
Read more

Microsoft Ends Support for Windows 10 Version 1803, Users Advised to Update Now to Get New Features

By
Microsoft has announced that the company will no provide updates to PCs running Windows 10 version 1809 (aka October 2018 Update) as it will no longer support the outdated operating system. Originally, support for the Windows 10 version 1809 was supposed to end early this year; however, it was delayed to the COVID-19 pandemic, therefore giving more time to users and IT professional to update their systems. As a result, users with Windows 10 Home or Pro editions of Windows 10 version 1809 will not receive monthly security and quality updates containing protections from the latest security threats. To update to latest Windows OS, users can head to Settings > Update & Security > Windows Update. Although several users are likely using the Windows 10 version 1909 as Microsoft started rolling out the automatic update last December, the newer version might be unavailable to those who turned off automatic updates. Typically, Microsoft brings new features for Windows 10 versions fo...
Post a Comment
Read more