The future is passwordless: why security habits need to keep pace with technologySecurEnvoy 06/12/2017 Security
In most areas, computer technology is unrecognisable to that used in the 1960’s. Those enormous machines with reel-to-reel data transfer feel a lifetime removed from today’s tablets and cloud platforms, and yet, many of us still rely on a process first used on computers in the 60’s to (supposedly) keep our documents secure. The computer password was first used on a shared machine at MIT in 1961 and has hardly changed since. (incidentally, that password was also breached within a year)
That’s pretty absurd when you think about it: When the password was first used, it was on a machine to which there would have already have been limited access, and which would very few people would understand. As a result, the risk of an unverified using the machine was already pretty low, and the security offered by a simple password was sufficient.
But now, in a world where, let’s face it, most children have a basic understanding of how a computer works, and where so much valuable personal and business data is stored electronically, that same process really isn’t fit for purpose. So how do we move to a passwordless world where this archaic technology is finally made redundant?
What’s wrong with passwords?
Passwords have many inherent weaknesses, all of which leave your data open to breach:
- People choose simple ones
- They get shared with colleagues, written on post-its and left on shared machines
- They’re often re-used
- They’re rarely updated
While some of us “in the know” will roll our eyes at our spouse or colleague who insists on using the kids’ birth date as their password – and has a reminder of it written in their desk drawer – most can also understand the motivation behind their weak passwords: The fact is, secure passwords, almost by definition – are a hassle.
And that hassle is a key challenge for anyone trying to improve the security of their business: users don’t like barriers between themselves and their software applications – they want to be able to get on with their day as soon as they open their laptops, so, they will naturally take the path of least resistance. In that mindset, where ease trumps security, simple, easy to remember passwords make sense.
A consumer-led movement to passwordless
But that doesn’t mean security is a lost cause, and one of the major drivers has been changes in users’ behaviour outside of the office. As users become more and more dependent on their smartphones to do everything from managing their banking with 2FA enabled apps, to paying for their morning coffee with Near Field Communication. As a result, many users are more comfortable adopting new technologies on their smartphone than they are on their PCs – so why not harness that?
Well that’s exactly why SecurEnvoy have been pioneering passwordless authentication for over 10 years. We’ve known for some time that the key to successful security is as much about user behaviour as it is about technology. And it’s why SecurEnvoy is among the first to provide Multi-Factor Authentication through your users’ smartphone alongside 11 other authentication techniques designed to ensure not only that your network and information is secure, but that users are able to use it intuitively.
With NFC-enabled authentication, your users have access to one of the easiest ever means of verifying their identity, without compromising your security. Being able to login with a single tap makes using even the simplest of passwords look hard work!