The continuing story of passwords

(Photo: Envato Elements)

Jean-Claude Elias

The writer is a computer engineer and a classically trained pianist and guitarist. He has been regularly writing IT articles, reviewing music albums, and covering concerts for more than 30 years.

Are passwords on their way out? They may be, but only to some extent, for the time being. The old method still has a long way to go. The newer one, identification by biometrics, like fingerprints, iris or palm scan, face recognition or voice recognition, has yet to be perfected and become globally adopted. Moreover, biometrics are not always the best approach.

Already a specialty on its own, within the wide field of computer and information technologies, digital security has drastically evolved over the last decade, and it is being updated all the time. It is far from perfect because the challenge is huge. How can one make strongly secured systems while keeping them simple to use at the same time?

Simplicity, associated with instant authentication, is an important prerequisite, indeed. Users do not want to go through complex, tedious processes to log in or to access digital places, services or accounts.

Some private banks in Jordan, when you contact their call center by phone, validate your identity by asking you first to enter your client number, then the last four digits of your primary debit card, and finally the PIN code associated with the card. This is a good, sound security verification method, but it is time-consuming.

At present, none of the available methods would alone be the ideal system. There are several considerations involved: the context, the security level, the nature of the account or service, and even the person trying to access it. Biometrics are convenient because there are no passwords to remember. But they require a physical device, a sensor, to operate, and that sensor may become faulty at times. Passwords do not require sensors, but you are expected either to remember them, which may be impossible today given the number of passwords we use, or to maintain and secure a full database of passwords.

Biometrics cannot be broken or stolen, except, of course, in movies. But, again, the entire infrastructure on which biometrics are built is hardware dependent, and is therefore more complex and subject to technical failures.

Passwords are simple, but still suffer from various flaws. The first and obvious one is that some people, as unbelievable as it may sound, still use weak passwords. According to global statistics, “123456”, “abcd”, “Goodmorning” or “qwerty” are still used. Admittedly, they remain limited cases today, and people are slowly learning not to use such obvious, easy-to-guess passwords anymore, but they still exist.

If you use strong passwords, like “j6#@MrLp%Se9” for example, they will be virtually impossible to guess or to crack, but they could still be copied or stolen if you are not careful enough in your computing habits and smartphone usage. There are countless methods that hackers resort to when they want to steal a password, however strong it may be, without going through the trouble of guessing or cracking it.

When restarting my Android smartphone, after a major software update for example, it does not accept the fingerprint login that otherwise I use all the time to access various applications; it absolutely wants me to enter the code that will unlock the SIM card, before anything else.

When biometrics fail, all systems ask you to enter your backup password to log in to accounts, applications, web platforms, or services. It never works the other way round; biometrics are never an alternative solution for failing passwords. This alone is an important point to ponder.

Moreover, the 2-step-verification method that most banks, Microsoft, Google, Dropbox, and other large organizations have widely adopted involves sending you the famous OTP (one-time password) over your phone, to validate and to authorize access. An OTP is nothing but one more password, one you never have to memorize, of course.

While biometrics are constantly evolving and gaining ground, passwords remain very much relevant and still constitute the safest “Plan B”. Besides, and looking at the bright side of things, memorizing passwords is a good anti-aging exercise for our brain cells.

