Even if it was supposed to pass away a long time ago, the password has managed to stay alive for over 20 years. Bill Gates declared the password passé way back in 2004, but only in late April 2017 did the company that he founded manage to introduce a replacement for this outdated authentication system.
Password flaws & weaknesses
A Verizon report showed that 63% of confirmed data breaches involved leveraging weak, default, or stolen password back in 2016. On the other hand, a new report from Proofpoint said that phishing and similar attacks using e-mail reached a new high of 45% in the last quarter of 2016. This lead to employees changing their passwords more often to make them more complicated, even if it didn’t seem to help much.
According to NIST, the only way a password can be effective is if it has at least 16 characters (a mix of letters, digits, capital letters and/or alphanumeric symbols). Another major weakness of passwords is that they’re not appropriate for mobile users. In 2015, mobile searches began outpacing desktop searches and by the end of 2017, mobile e-commerce revenues are expected to match the ones from desktop/laptop engagements. For many users, using passwords on their mobile devices means too much trouble and seems that, for mobile, the only viable alternative is a different authentication method.
The new updated Microsoft Authenticator
Microsoft is replacing the password with the Microsoft Authenticator, is a push system that “shifts the security burden” from your memory to the device. A password can be forgotten or somehow compromised and it’s easier if users only have to respond to a push notification when they’re trying to access their Microsoft account.
Google’s Project Abacus
Google is also trying to replace passwords and the company aims to identify users based on how they interact with their mobile devices. The criteria include the way they’re handling their device, scrolling style and speed, strength of contact, and so on.
Apple was the first to employ an alternative authentication method that allowed users to access their iOS devices with a thumbprint instead of a password.
RELATED STORIES TO CHECK OUT:
- Microsoft Authenticator is finally available for Windows 10
- Microsoft Authenticator now offers phone sign-in support for all users
- Microsoft Edge vulnerable to cookie and password theft