What Would a Password-Free Future Look Like | BLOG
Is the password on its way to becoming a relic of the past? It's definitely starting to look that way.
"If there's one thing about passwords that's being emphasized these days, it's their inherent insecurity."
If there's one thing about passwords that's being emphasized these days, it's their inherent insecurity. And it's not just that passwords themselves are easy to hack — it's that cyberattacks on various enterprises often result in the compromising of passwords as well. In March, for instance, livestreaming platform Twitch suffered a breach in which certain users' passwords and usernames were reportedly targeted. As a result of the malicious episode, Twitch asked all its users to reset their passwords.
But is that the answer to these types of situations — to simply start anew with a different password? Increasingly, that's not looking like a viable solution, since it will only lead to a cycle of new attacks. As many experts are pointing out, the password seems to be on its way out.
The slow departure of the password
The notion that the password's days are numbered isn't a new idea. Back in 2004, at a security conference, Bill Gates stated that the password wasn't a sustainable security mechanism, since its format was inherently vulnerable, CNET reported.
"There is no doubt that over time, people are going to rely less and less on passwords," Gates said at the time. "People use the same password on different systems, they write them down and they just don't meet the challenge for anything you really want to secure."
Today, Gates' prediction carries more weight than ever, as cybercriminals and advanced, password-focused attacks pose a constant threat to a means of authentication many individuals and businesses have relied on for a long time. In 2012, a non-profit group called the FIDO Alliance was established to broadly deal with the problems and weaknesses of the traditional password. The agenda of the Alliance — which is comprised of various industry forces — is to pave the way for more advanced means of secure authentication that meet the evolving security needs of today's computer user. But with efforts like these underway, the question arises as to what a future without the password would look like.
A password-free future
How will people and businesses authenticate identities once the password is gone? It's a question that industry leaders like Entrust have been tackling for years. In doing so, these tech innovators are paving the way for a future that's not only password-free, but also much more secure. Here are some of the components of such a future:
The power of the fingertip: Unlike passwords, our fingertips provide a means of authentication that uniquely verify our identity. You can write down a password, but your fingerprint is something that's solely yours. Because of this, biometric authentication, such as that offered by Entrust IdentityGuard, is becoming an increasingly deployed option, particularly in sectors where identities are necessarily carefully guarded like law enforcement and finance. But this means of authentication promises to gain mainstream traction as well, because of the top-tier protection it offers.
More digital certificates: A truly identity-verifying corporate environment is a multi-layered one, and digital certificates present a first-rate means of ensuring that identity vetting happens in a multi-step way. Thanks to the seamless design of cloud-based certificate management solutions, however, this tool — unlike the password — won't slow down the authentication process.
As long as the password is still around, though, enterprises should still make an effort to render the tool as secure as possible using trusted tools like two-factor authentication.