We’ve all grown extremely comfortable with passwords, accepting their faults and flaws along the way. Just to read this article, you may have had to enter a couple of passwords as you progress through the device boot-up and any other security layers. This makes leaving passwords in the past all the more difficult and daunting, saying goodbye to the old friend we’ve trusted since we unboxed our first PC.
But there are problems with passwords, and the more we discuss them in the open, the easier it will be to replace them with more effective and beneficial forms of identity management.
The number of high profile data breaches and hacks which have occurred over the past couple of years have highlighted how advanced cyber-criminals have become, with even massive businesses such as T-Mobile unable to protect their customers’ account details.
This naturally calls into account the security and identity management process utilised by personal and business users of all sizes. As perhaps the most prehistoric form of identity management still widely utilised, password protection is the natural victim of an increased focus on security. This article from Wired demonstrates just how vulnerable our passwords can be, with relatively amateur hackers able to decipher a significant percentage of passwords.
Every year, millions of identities are exposed as a direct result of data breaches. In 2015 alone, 429 million identities were exposed across 318 reported breaches – demonstrating the desperate need for a new approach to identity management and security.
Multi-factor authentication has emerged as a more secure solution to the password problems – creating more layers which need to be accessed, and thus making hack attempts exponentially more difficult.
The stats surrounding the average number of different passwords employed by individuals always make for shocking reading. Even if the different sources can’t seem to agree upon a set average number, the figures tend to be around 15-20 different passwords used by every person. This is completely counter-intuitive to technology’s aim of making processes simpler and more efficient.
Racking your brain for the specific password set for an account within the three guess limit can be a stressful and sometimes impossible task. This then kick-starts the ever-awful ‘forgot your password’ process, further inhibiting the usability of the password protected account.
This infographic from password protection firm, Dashlane, reveals that the average UK email address is connected to 118 different accounts – and estimations suggest that this number will only continue to grow.
Social sign on can provide a solution to the problem of ever-increasing accounts, helping users connect a selection of different accounts to one central login process. Using Facebook or Twitter as a hub can make the process of switching between accounts on different platforms an efficient and simple task.
However, many users will not want a significant number of their online accounts and profiles accessible via a social sign on which only requires a password. To increase the scope and potential of social sign on, an alternate, multi-layered login approach may need to be adopted by the social platforms.
Multi-factor authentication could add extra layers of security to the identity management process, making it harder for unauthorized parties to cause breaches. An intelligently implemented multi-factor authentication process could help support more robust identity management without inhibiting the user experience.