Password Death

By Henry Bagdasarian

Passwords are still widely used worldwide but password death is imminent as advanced authentication techniques such as digital badges and biometrics are affordable, easy to implement, and embraced by consumers to access systems. In fact, in a recent research study, 80% of consumers surveyed expressed more confidence in biometric authentication when compared to passwords as a secure means of accessing systems.

Given the increased risk of global hacking and availability of affordable secure authentication methods, passwords, security tokens, and physical badges will soon be replaced with some form of advanced authentication system whether it’s biometric, digital badge, voice recognition, thought authentication (in a distant future), or a combination of the above and other advanced systems.

While biometrics take advantage of a person’s unique physical characteristics such as fingerprints, hand geometry, or iris and are increasingly used for accessing systems and devices such as mobile phones, digital badges are codes stored on mobile phones which can be matched to the digital code of the system being accessed.

Systems need to be protected with something stronger than a password since the majority of hack attacks are committed using stolen passwords from customers. Although some advanced authentication methods are expensive, others are affordable, especially when compared to the cost of data breaches, easy to implement, and very effective when compared to traditional authentication options. Given weaknesses in password security and great alternative options, password death is imminent

On the downside, a digital badge is as secure as the access code placed on a mobile phone which means that even if we consider a  digital badge to be hack proof, if the access code on the phone is weak or inexistent, the digital badge can be used to access systems.

One of the ways that a digital badge works is by leveraging a QR code (quick response code) which is a type of 2D bar code that is used to provide easy access to information through a smartphone. In this process, known as mobile tagging, the smartphone's owner points the phone at a QR code on the computer screen and opens a barcode reader app which works in conjunction with the phone's camera. When the QR code on the computer matches the code on the mobile phone, access is granted to the computer and its applications.

Given this security weakness stated above, If digital badge is selected as the main method for accessing a system, then biometric authentication must be mandatory on cell phones to prevent the unauthorized access of the cell phone and ultimately the digital badge.

Identity Theft Courses