AuthentificationCyberCrimeFirewallSecuritySecurity ManagementVirus

Debate: Do Passwords Have A Future In Cybersecurity?

Steve McCaskill is editor of TechWeekEurope and ChannelBiz. He joined as a reporter in 2011 and covers all areas of IT, with a particular interest in telecommunications, mobile and networking, along with sports technology.

Follow on: Google +

VOTE: Passwords are much maligned but still widely used. What does the future hold? Read the views from our experts and vote!

The concept of a password has been around for thousands of years and remain the first line of defence against hackers and snoopers in modern computing. 

But the system is much maligned by those who resent having to remember multiple credentials and by many cybersecurity experts who argue they are too insecure and easy to guess. Other have lamented a number of data breaches that have seen unencrypted passwords exposed 

Even the man who came up with the majority of password advice has expressed his regret at making them long and overly complicated. 

But what is the future of the password? In recent weeks, a number of experts have expressed their opinions on the pages of Silicon, and we want to know where you stand. 

Read More: The History of the password

passwords

For – ZoneFox CEO Jamie Graves 

Yes, it’s true that the humble password finds itself in a world that has outgrown its sophistication. But rather than being destined for the scrapheap, they still have a role to play alongside other layers of security. You see they have become so ingrained in our everyday lives, that removing them altogether would be a huge step that would cause more chaos and uncertainty than actually fixing a problem. 

Like many aspects of the brave new, technology lead world we live in password security needs to adapt, rather than disappear. For this reason, it is important the security sector makes a strong effort to fully implement additional ways for people to access their data – especially in the work place. 

Passwords alone, as we know are susceptible to brute forcing, which means increasingly there must be protections built around them.  

[Some organisations] have essentially made the password the first layer of defence, supported by more sophisticated techniques, such as a IP listing and two-factor authentication, whereby an email, or a text message is sent to a user to confirm that access to an account from an unknown machine. 

Such approaches, where passwords, alongside other techniques are used, can once again be compared to the way that we currently use money in society. As well as having coins or notes in our wallets, we also now use mobile phones alongside plastic cards to pay for things. It’s a perfect example of an ecosystem of old and new working together. 

You can read the full argument here 

Against – Experian director of identity and fraud Nick Mothershaw 

This system has served us well, but now it has run its course, and is no longer inclusive of today’s needs and expectations. We are now a fully digital age and, consequently, identity verification must enter it too. Identity is on the cusp of a great change. 

As a digital economy, we’re still reliant on usernames, passwords, and security questions as a way to identify an individual. Customers have become used to this type of data exchange in order to validate their identity when necessary. But the fraudster has become all too familiar too.  

Passwords are easy to forget. Research shows that most people have between 6 and 10 passwords they actively use, and 4 out of 10 need to use a password memory service to help them with remembering.   

These are often used in multiple accounts, including using the same password for a bank account as they do a retailer. This represents a fraud risk, and one that most consumers should know, even if they aren’t changing their behaviour to mitigate it. 

Passwords are yesterday’s technology. They are forgettable and subject to compromise.  

For all their problems it’s likely passwords and usernames will be replaced. Or at least augmented with some form of biometric login to enhance security without comprising user experience.  

You can read the full argument here 

The verdict 

But what do you think? Are passwords a relic of history or are they still the most conveient way to guarantee privacy and security? Or should they be usedin conjunction with another method? Vote below and let us know in the comments. 

Do passwords have a future in cybersecurity?

View Results

Loading ... Loading ...