A future without passwords?

May 1, 2020

A future without passwords?

A future without passwords?

Today is world password day. So here is a blog on this very topic.

81% of company data breaches are due to poor passwords

The average person has 90 or more accounts that require passwords

Almost half of Brits (47%) have either never changed the password to their email account since setting it up, or have only done so when forgetting or in response to a hack

Passwords… it’s safe to say that they’re the bane of our lives. Little wonder that so many of us resort to using passwords that we really shouldn’t.

In November of 2016, 6.8M records were ‘pwned’(ie had their passwords stolen and pasted onto the internet for all and sundry to see). But the most depressing part of this breach was the fact that 1,910,144 passwords out of 2,232,284 were already available online – they’d already been leaked and pasted to the internet in previous hacks. This is actually pretty unsurprising, when you consider that the following (scarily insecure) passwords were commonplace…

123456

123456789

qwerty

password

111111

12345678

abc123

password1

1234567

12345

 

“Passwords date from 1964 – I don’t need to point out how absurd it is that we’re still using them to protect ourselves over half a century later, with all the technology advances – and threats – we’re subject to today”.

  • John Heaton-Armstrong, Chief Information Security Officer at Account Technologies

 

The future – will it be free from passwords?

Banks have been funnelling money into identity management technology for decades, and it’s only now that we’re beginning to see the fruits of their labour. Natwest has launchedthe first biometric credit card, while HSBC, Santander, RBS, Citibank and Barclays now offer fingerprint technology. Barclays, Halifax, HSBC, Lloyds, Natwest and Santander  also now, or soon will, offer voice ID, with telecom businesses, such as Vodafone and TalkTalk plus HM Revenue soon set to follow in their footsteps.

“Historically, user experience hasn’t been an area for banks to compete on – competition has largely focused on price and scale. Now however, improved user experience, such as a more secure, streamlined payment journey, is having much more of an impact. Particularly at a time when debt market spreads are incredibly tight”.

  • John Heaton-Armstrong, Chief Information Security Officer at Account Technologies

With the introduction of SCA, two-factor authentication is changing the way people pay. Soon to be in place for both online and offline transactions, consumers will be required to provide both biometric authentication (ie fingerprint or face recognition) and the possession of a device where the possession can be dynamically confirmed, such as a sim card or encrypted token). While this two-step security sounds as though it could add pain to the process of paying, it will in fact improve the experience beyond measure for consumers who have faced decades of frustration with passwords.

 

“Financial sector organizations in some countries are seizing far broader business benefits by exploiting new identity sources, biometrics and advanced analytics technologies to increase customer insight and service relevance, while reducing fraud, waste and abuse”.

–       Accenture report on the future of identity banking