Passwordless Login - It's here!

by: Adam

Identity theft and compromised data are regular occurrences in our society due to the fact that man-made passwords are becoming easier to hack as malware technology advances. Countless people are guilty of committing the age old sins of using weak passwords and re-using the same password for most (or all) of their accounts for the sake of convenience. CNN produced an article showing that the top five passwords being used in 2019 are also the first five passwords that most hackers will try. They are:

  • 123456
  • 123456789
  • qwerty
  • password
  • 111111

Almost every website uses email and password authentication; this means that the same email is tied to an average of 130 different websites – it would be impossible to remember that many passwords. It’s argued that passwords serve an essential security function. Unfortunately, if a password is not changed often enough, it becomes susceptible to an information breach. A recent example occurred this past year when AMCA, a billing and collection vendor, had a security breach exposing the financial and medical information of 19.6 million people using their Quest Diagnostics and/or LabCorp between August 1, 2018 and March 30, 2019.

As hacking and malware technologies continue to advance, individuals and businesses can no longer guarantee the security of their password protected data. In other words, passwords are causing more discrepancies than benefits in an internet that is ready to move past them and into a passwordless future.

Here are three passwordless login methods:

Email Authentication
Email-based authentication verifies a users identity by using a combination of their email address and a complex encrypted keycode. When a user tries to log in, an email is sent to them containing an encrypted DKIM key code. The user can retrieve this password from their email and continue to log in.

Token-based Authentication
This works similarly to email authentication, except, instead of being given a password, you are given a link to click that will then be decrypted and follow you through the site to ensure safety. With this system, you must use an authentication tool to decrypt such as Google Authenticator. Both email and token-based authentication offer a way to avoid creating your own passwords by using your email address.

Biometric Authentication –
Rapidly becoming the preferred method, this system associates your fingerprint or retina scan (facial recognition) with your account to allow access to the account holder only. This is currently popular with iPhones, but is also growing with Android and Chrome – we will soon be able to use this technology on laptops as well as phones.

Because the theft of data and identities has been running rampant in this age of technology, in 2017, Google discussed the idea that passwords would soon become obsolete. By 2020, over 1.4 billion users will have migrated from a chosen password to a passwordless biometric authentication to access their email. As an example, you could use your fingerprint to give your authority to access apps. Currently, the fingerprint processing of our biometric systems is not 100% accurate. The process takes only a small portion of your fingerprint, which makes it likely that 1 out of 8 people could possibly open your device, due to their fingerprint being very similar.
Because of this, many apps and devices have moved to retina or facial recognition to ensure security while fingerprint technology is being further developed.

Apple has announced that touch ID will be returning to the iPhone now that the technology has been developed to properly fingerprint ID individuals. The new fingerprint management uses a 3D radar that will monitor the entire fingerprint, ensuring higher security with your biometric information.

Samsung uses both iris and fingerprint scanning; this will be the new norm that Google will accept. Using both facial and fingerprint identification ensures your security online as it eliminates self-created passwords. With all of the situations of our privacy being stolen, soon, DNA and biometric information will be the only way to protect ourselves and our data.

In today’s society, digital technology is making our lives more efficient, but has also created a challenge in respect to the privacy and security of information. The good news is that as technology advances and removes human error, our data – being kept on personal devices as well as by businesses – is only becoming safer every day. To ensure the safety of your information, head towards the future of technology and go passwordless today!