You know the drill: you’ve just created an online account, and now you’re asked to come up with a strong password. Certain sites even have password guidelines and will judge the strength of your password: Use at least 12 characters! Use a variety of letters, numbers, punctuation, and special characters! Use upper- and lowercase for letters!
Aside from those, they have other rules you need to remember: Do not use real words found in a dictionary! Do not use real words spelled backwards! Never use your birthday, driver’s license number, street name, favorite color! Never use “password,” “123456789,” “1111111111,” “abc123,” and “qwerty” as passwords!
And so you freeze. What passwords have you used in other sites before that you shouldn’t use again?
The trouble with passwords
Coming up with a strong password is already difficult. Remembering it is even harder.
Browsers like Google Chrome and Mozilla Firefox have built-in password generators, but it’s a hassle if you use a different device. There are also password generator apps you can get for free online, but you’ll still need to remember them. Imagine the inconvenience should you lose your list.
You may also enlist the help of a password manager. It keeps all your passwords in one place, accessible only by a master password, so no need for you to remember all your passwords. But it’s still vulnerable to keyloggers stealing your passwords, and it’s a disaster should you forget your master password.
Happily, passwords may one day be passé. There are now several alternatives to using passwords for your logins, and they are even more secure.
#1 Multifactor authentication (MFA)
This method uses several pieces of evidence to authenticate the identity of the one logging in. The evidence can be in the form of knowledge (something only the user knows), possession (something only the user has), and inherence (something the user is).
Download our free eBook!
Unsure how to keep your data secure? Read our free eBook: 3 Types of Cyber Security Solutions Your Business Must Have and learn about the cyber security solutions you need in your business.
For example, if you try to log in to a site using a new browser or device, the site will try to verify your identity by sending an SMS-based verification. A hacker who’s not in possession of your phone will not be able to complete the process.
#2 Biometrics
Biometrics involves the use of physical or behavioral human characteristics to identify a person. The most common examples of biometric identifiers include fingerprints, facial recognition, voice and speech patterns, and retina recognition. These identifiers are considered unique to every person, so using them in combination with other forms of authentication increases the level of security.
There are critics who say that current biometrics are inaccurate, hackable, and not foolproof. That’s why cybersecurity experts do not recommend biometrics-only authentication. But who knows? In the future, they may be able to use DNA as a biometric measure.
#3 Trust scores
Multiple behavioral patterns such as typing, mouse movements, software usage, location relative to a known Wi-Fi network, voice sample, etc. are assessed and calculated for their trust score. Access is granted only to a passing trust score. A few years ago, Google announced that they want to get rid of passwords and use trust scores instead. Once that happens, many businesses will follow suit.
#4 Push notifications
To log in, users are required to enter their username. Then a push notification will be sent to the user’s mobile or email, to ensure it’s the right user attempting to login. This is a specific form of two-factor authentication (2FA).
#5 Card and personal identification number (PIN)
Estonia is one of the most progressive countries today, leading the way in the digital frontier. In 2002, the government issued digital national ID cards. Each card contains an encrypted chip with an electronic signature and PIN codes. Citizens use them instead of passwords to access websites so they can vote, pay taxes, bank online, and access their healthcare records, among others.
If you noticed, the alternatives are some form of multifactor authentication. Today, security experts are thinking of better ways to authenticate user identity without having to remember a string of random letters, numbers, symbols, and special characters. In the fight for cybersecurity, convenience is still key.
Do you want your business to be more secure yet free of the tedious task of remembering and managing passwords? Talk to our cybersecurity experts at Online Computers. We have the experience and expertise to safeguard your IT. If you’re in or around Hanover, Morristown, and Madison, and want intelligent IT solutions, contact us today.
[code-snippet name=”html-newsletter-form”]