R.I.P. Password

R.I.P. Password

If you’re like me, you love a movie with a good plot…one filled with unexpected twists and turns that keeps your attention, and sprinkle in a little bit of emotional baggage, then add a R.I.P. Password murder plot to the mix, and you’ve got the next Oscar-winning movie! Throughout this type of movie, each moment is carefully planned to ensure viewer engagement and interest stays piqued. The same is true in the mobile world, only the plot here revolves around the murder of the password by biometrics. (Weird, scary music can be heard in the background.)

The setting opens up in the 1960’s where people used mainframes housed in an entire room. These time-sharing computers required a user to enter their login name and password, telling the computer who was sitting at the terminal and which files to make available. Back then, stealing someone’s password was a practical joke. There was only one computer where you could use your credentials and not too much personal information was displayed.

Fast forward 50 years, and look what the right password can do: allow you to read emails, order products, hijack cloud-storage accounts, even delete every trace of someone’s digital life! And, all this and more can be done anywhere as long as there’s an internet connection.

Here enters the character, PayPal, who in 2010 decided to consult with their head of security, a fingerprint security entrepreneur and a renowned cryptographer to establish an easier way to log into PayPal. Two years later, the FIDO Alliance was launched, a group trying to wean companies off passwords for good; hence, the murderer takes center stage to kill the password.

According to the members of FIDO, if people log into their computers with fingerprint readers, sites could log them in automatically using the Zero-Knowledge Proof protocol that proves a successful identification has been made without giving away details. Therefore, a single device could authenticate someone to the entire web.

Take the iPhone 5s, for example. You always have a finger with you and in this day, you always have your phone, so logging in isn’t an issue. The combination of finger and phone makes security much harder to break, and it looks like there’s no room for a password credential.

This never-ending story came to a halt on April 11th with the arrival of Samsung’s new Galaxy S5, complete with a fingerprint reader, but this reader is special. It plugs directly into PayPal which connects the user to dozens of different payment systems. Instead of a password, all that’s needed is a fingerprint to carry the user through the entire web.

RIP password.

About the Author

Ginger Hill is Group Social Media Manager.

Featured

  • Survey: Less Than Half of IT Leaders are Confident in their IoT Security Plans

    Viakoo recently released findings from its 2024 IoT Security Crisis: By the Numbers. The survey uncovers insights from IT and security executives, exposes a dramatic surge in enterprise IoT security risks, and highlights a critical missing piece in the IoT security technology stack. The clarion call is clear: IT leaders urgently need to secure their IoT infrastructure one application at a time in an automated and expeditious fashion. Read Now

  • ASIS International and SIA Release “Complexities in the Global Security Market: 2024 Through 2026”

    ASIS International and the Security Industry Association (SIA) – the leading security associations for the security industry – have released ”Complexities in the Global Security Market: 2024 Through 2026”, a new research report that provides insights into the equipment, technologies, and employment of the global security industry, including regional market breakouts. SIA and ASIS partnered with global analytics and advisory firm Omdia to complete the research. Read Now

  • President Biden Issues Executive Order to Bolster U.S Port Cybersecurity

    On Wednesday, President Biden issued an Executive Order to bolster the security of the nation’s ports, alongside a series of additional actions that will strengthen maritime cybersecurity and more Read Now

  • Report: 15 Percent of All Emails Sent in 2023 Were Malicious

    VIPRE Security Group recently released its report titled “Email Security in 2024: An Expert Look at Email-Based Threats”. The 2024 predictions for email security in this report are based on an analysis of over 7 billion emails processed by VIPRE worldwide during 2023. This equates to almost one email for everyone on the planet. Of those, roughly 1 billion (or 15%) were malicious. Read Now

Featured Cybersecurity

Whitepapers

New Products

  • Luma x20

    Luma x20

    Snap One has announced its popular Luma x20 family of surveillance products now offers even greater security and privacy for home and business owners across the globe by giving them full control over integrators’ system access to view live and recorded video. According to Snap One Product Manager Derek Webb, the new “customer handoff” feature provides enhanced user control after initial installation, allowing the owners to have total privacy while also making it easy to reinstate integrator access when maintenance or assistance is required. This new feature is now available to all Luma x20 users globally. “The Luma x20 family of surveillance solutions provides excellent image and audio capture, and with the new customer handoff feature, it now offers absolute privacy for camera feeds and recordings,” Webb said. “With notifications and integrator access controlled through the powerful OvrC remote system management platform, it’s easy for integrators to give their clients full control of their footage and then to get temporary access from the client for any troubleshooting needs.” 3

  • Unified VMS

    AxxonSoft introduces version 2.0 of the Axxon One VMS. The new release features integrations with various physical security systems, making Axxon One a unified VMS. Other enhancements include new AI video analytics and intelligent search functions, hardened cybersecurity, usability and performance improvements, and expanded cloud capabilities 3

  • A8V MIND

    A8V MIND

    Hexagon’s Geosystems presents a portable version of its Accur8vision detection system. A rugged all-in-one solution, the A8V MIND (Mobile Intrusion Detection) is designed to provide flexible protection of critical outdoor infrastructure and objects. Hexagon’s Accur8vision is a volumetric detection system that employs LiDAR technology to safeguard entire areas. Whenever it detects movement in a specified zone, it automatically differentiates a threat from a nonthreat, and immediately notifies security staff if necessary. Person detection is carried out within a radius of 80 meters from this device. Connected remotely via a portable computer device, it enables remote surveillance and does not depend on security staff patrolling the area. 3