Beyond passwords: taking cybersecurity to the next level

by. David R. Baker

The password has failed.

That ubiquitous annoyance of the digital age – the computer password – has proved itself to be profoundly unsafe. People forget them, or worse, use the same one over and over, for everything from buying a book on Amazon.com to protecting a bank account. Hackers half a planet away steal them by the thousands, if not millions.

And hackers use those purloined passwords to steal other things. The most recent example: nude photos swiped from the Apple iCloud accounts of 100 celebrities.

Security experts have argued for years that the password, at least as it’s used today, must go. They are less certain about what should replace it.

Apple and Samsung phones come with a fingerprint sensor – an increasingly popular approach. Some companies are developing eye-scanners, or programs that can identify people from the way they hold, type on or scroll through their mobile phones.

‘Do the work for us’

Others say the solution is better security software that eliminates the need for any firm to store passwords en masse.

“If you look out five years, passwords won’t work,” said Brennen Byrne, chief executive officer of Clef, an Oakland startup that uses a mobile phone to verify identity. “We’re moving from a world where we log in to a hundred things a day to a world where we log in to a million things a day. And our phone, or something like it, will have to do the work for us.”

Many of the password’s problems lie in human psychology.

continue reading »

More News