Lately, we have been hearing more and more voices emerging with the opinion, that passwords are “doomed”, and about the alternatives which will replace them.
We don’t share this particular opinion, even though the technology behind those alternatives is evolving with an unprecedented speed. We will try to explain this opinion in today’s blog, as well as take a good look on those alternatives. We will also touch on the topic of password “hygiene”, and why it isn’t the best idea to rely on browsers, to keep it for you.
Password manager versus Biometrics
In recent years, several directions and approaches concerning cyber security have evolved. Most of them have a common denominator – biometrics, which is the identification of a person, based on their unique physical traits:
- Fingerprints: mostly popular with laptop and smartphone manufacturers, this method is enjoyed by many users, nevertheless has two disadvantages – as soon as your fingerprint is set, it can’t be changed (or not as easy as a common password), and according to the Chaos Computer Club, it is easy to bypass with the use of high-resolution images.
- Retina scan: modern, stylish (maybe thanks to movies like the Minority report and others), the safeguarding of files, profiles or any kind of access, by means of a retina scanner has the same shortcomings as the fingerprint method. The experts from the Chaos Computer Club have proven, that this method also, can be breached easily
- Brainwaves: scientists from the Binghamton University have successfully identified a person, purely on how their brain reacts to certain words and stimuli. Unfortunately, with only a 94% rate of precision and the added hassle of having to put on a “headband” for reading brainwaves. Not applicable in everyday situations and most certainly not secure enough.
- Speech pattern: some sectors have been playing around with this kind of safeguard, e.g. the Barclays Wealth Bank has reported a success rate of 95%in identifying a given person, after only about 30 seconds of trivial conversation over the phone. Nevertheless, this method is still far from being a universal solution. Just think about what happens to your voice, when you’re having some health problems.
From the above examples, we can clearly see that none of the “modern” alternatives – even considering the added comfort – are nowhere near replacing the password. As long as the methods of verification that implement biometrical data, won’t show better results, the security which they offer can not be relied upon.
Password manager versus Browser
A lot of you have asked us about using a password management software, if the browsers that we all use anyway, can save and keep our passwords in the same way. This is, unfortunately, a big misconception. Browsers certainly CAN and DO save your passwords (if you remember to click the old “save password” dialog) when you log in for the first time or register a new account somewhere. What most people don’t realize, is that these passwords are – without much trouble – accessible to anyone, who sits behind your computer. We acknowledge, that this item is not very easy to find in the settings of the browser itself, but it definitely isn’t secured or hidden from a potential attacker.
Browsers simply weren’t developed to guard passwords, but rather for a smooth experience when surfing the web. The passwords are not encrypted, you don’t have access to them from other devices and anyone can easily extract them from the given browser. Not to mention, that you have to remember all your passwords for the times when you are not using your own computer.
In comparison, a password management software has got this all figured out. The passwords are securely encrypted, synchronized across all your devices and accessible via your master password, which is the only one you have to remember.
According to everything we stated so far, there can’t be any doubt, that the traditional passwords are not heading towards their doom, nor will they be replaced anytime soon. Password managers will continue to keep their top spot in providing security and comfort when handling sensitive data or files. It is up to you to give it a chance and up to us, to prove that your decision was the right one.