Password Vs Passwordless? Cybersecurity Experts Annouce New Password Guidance

BACKGROUND:

Yesterday, Britain’s National Cyber Security Council announced websites should allow customers to cut and paste passwords to access their accounts following new password guidance issued by The National Cyber Security Centre. 

Subscribe
Notify of
guest
1 Expert Comment
Newest
Oldest Most Voted
Inline Feedbacks
View all comments
Stephen Ritter
InfoSec Expert
October 26, 2021 11:32 am

<p>Passwords are one of our biggest vulnerabilities – but this is not the consumer’s fault. The fault lies with the technology industry. In the last ten years, our shift to a digital economy has created the perfect automation infrastructure for attackers to abuse. It’s easier than ever for attackers to go on the dark web, pay for a database of breached passwords, and then have their software do its work, thousands of login attempts at a time. Put simply, no matter what we do, the numbers game won’t be in our favour.  </p>
<p>This is a problem that the technology industry has created, so it’s up to us to find the solution – one strong and convenient enough to keep consumers safe and attackers out. While new password guidance like the NCSC’s announcement could work, moving from passwords to biometrics is an even better idea.  </p>
<p>This means using facial, fingerprint or retinal features to confirm a user’s identity. Newer tools like behavioural biometrics could come in too: this technology could verify someone’s identity by looking at their behaviour – including the way they type, hold their phone, or the websites they visit – to create a unique digital fingerprint. In cases when physical biometrics may not be enough, behavioural biometrics can fill the missing gap.</p>

Last edited 1 year ago by Stephen Ritter
1
0
Would love your thoughts, please comment.x
()
x