It’s always been incredibly hard to imagine a world without passwords. You need one to get onto your phone, access your emails, log onto your work server, check your Facebook, Instagram, snapchat or anything else that contains vaguely sensitive or personal information.
Since the inception of the internet way back when, passwords have become commonplace in everyday life – and so have their benefits and hindrances. Let’s be honest with ourselves – we’ve all forgotten our password before.
But as the technology world rapidly evolved from massive computers to smartphones and email servers to the Internet of Things, why have passwords – a legacy technology in many ways – remained so prevalent?
In very recent times we have seen the rise of biometrics as an alternative to typing your first cat’s name or ‘123456’ into a textbox, and it seems inevitable that they represent the future. In the short space in which biometric technologies have come to consumers they have become widespread, largely because of their use in smartphones made by the giants like Apple and Samsung.
650 million people are said to have used biometrics on their smartphones in 2015 and that number is set to grow exponentially as smartphone use grows and the implementation of biometric technology on them become more prevalent. As of now, fingerprint scanning technologies, such as Apple’s proprietary Touch ID, are the most common form of biometric authentication used in smartphones. From its initial use as a means of unlocking the phone to the set-up of Apple Pay and eventually on 3rd party apps, fingerprint access seems to be the natural solution to the old and annoying password.
The issue with legacy passwords
Most of us will have noticed the progression from fairly lax password requirements to the stringent one’s of today that require a capital letter, number, symbol, punctuation and must be at least 20 characters long. The task becomes even harder when we are recommended to use different passwords for different platforms, resulting in a copious amount of jumbled up letters and numbers that have to be remembered.
Some technologies, such as Apple’s iCloud, allow you to store very secure and long passwords on their servers which you can access with one single password. But that seems to defeat the point of having multiple passwords in the first place!
Our fixation with using memorable and similar passwords for all accounts has contributed to the rise in large-scale hacking and breaches of data that have become a daily occurrence in 2016.
So are biometrics the solution?
It’s easy, fast (most of the time) and secure – so what’s the problem?
Well, first we have to recognise that biometrics are not simply fingerprint scanning technologies, but instead represent a wide range of authentication methods including iris scanning, facial recognition, voice recognition, heart rate detection and even typing habit recognition.
Each of these technologies rely on a unique identifier that only we have. The problem is that the unique identifier is also the only one we have. We cannot change our fingerprint (easily) nor can we get a new face, voice, eyes or heart rate. Because the identifiers are so unique, if they are ever hacked or stolen, there is not much we can do to prevent their use other than to scrap that method of authentication completely.
Passwords can be changed in an instant, but if someone hacks a database and can make copies of your fingerprint – what then? Do you go back to arcane passwords or try a new biometric?
So, what do we do?
Don’t get me wrong, biometric authentication is sure to be the future of password technology and as of now, it is hardly profitable for any criminal to steal and replicate your fingerprint. But what we must understand is that biometrics do not solve all the problems of regular passwords, and even create some of their own.
We must not become complacent and think that our fingerprint-secured phone and bank accounts are impenetrable, but we must rather think of new and improved ways to make the likelihood of hacking and data breaches so improbable that they never even happen.