Passwords have always been considered the vanguard for all our online activities, guarding our accounts and ensuring that they’re safe. However, most of us are juggling around a dozen accounts or more. More often than not, instead of memorizing different strong passwords, we use one password for everything – our email account, bank account, Instagram, Facebook, online store account – and greatly increases the risks that our personal information will be compromised.
The speed that technology advances and the recent, alarming spate of hacking activities has prompted one prime mover in the industry to say that we should do away with passwords. During the recently concluded Interop Security Conference, PayPal’s CISO Michael Barrett talked about his vision of coming up with a system that would negate our need for passwords. He definitely knows what he’s talking about too since he’s also the president of the Fast Identity Online (FIDO) Alliance, an organization that comes up with methods to help netizens with their passwords.
During his speech at the security conference, Barrett admitted that his company’s aim is to do away with passwords and PINs and they aim to do that via a device that will connect to different websites and authenticate one’s identity. And to verify the identity, there should be an interaction with the user like eye scanning, finger scanning or swiping a card. These devices will probably be small and your authenticated credentials are stored in them and can’t be stolen. Some devices being considered are USB keys and finger scanners.
This two-step authorization process will undoubtedly make accounts more secure. Barrett mentioned the Apple ID accounts as a prime example and implied that Apple’s next iPhone might be the first device to make use of this verification system. There have been reports that the iPhone 5S will have a fingerprint sensor feature. This feature can actually make or break the iPhone 5S. On one hand, the fingerprint sensor would replace password authentication used on iTunes. On the other, integrating the feature can cause massive delays on the handset’s release date.
Realistically speaking, even if we do start using scanners and other biometrics for verifying our accounts, we would still be using passwords in the next couple of years. It will take some time for FIDO and PayPal’s vision to become the standard security feature.