Can Two Factor Authentication Replace The Need For Passwords?


The Problem With Passwords

Think back to the last online account you’ve created. Whether it was for a new social media platform or an online forum, chances are you were asked to create a password. A common misconception about passwords is that they need to contain random numbers and special characters to be considered “strong.” In fact, most websites won’t even let you finish creating an account until your password is strong enough. In reality though, following these password recommendations could result in an easy to crack password. Now, security researchers are suggesting the use of long phrases as a replacement, however, there is still an issue with this as well.

While remembering a single, long phrase is easy to do, trying to remember a separate one for each of your online accounts can become confusing. And if you choose to use the same phrase for each of your online accounts, you’ll be putting them all at risk in the event of another data breach. Luckily, passwords are not the only way to secure online accounts.

Can Two Factor Authentication Replace The Need For Passwords?
Would you consider using alternative methods of account verification over passwords?

Biometrics As A Password Replacement

Biometric scanning is a relatively new alternative to the standard password. And thanks to popular smartphones such as the iPhone X and Galaxy S8, biometric scanning has gone mainstream. From fingerprint readers to facial recognition software, there are multiple ways in which you can choose to protect your devices as well as your online accounts.

Biometric scans are not without their own faults however. For instance, this past week a flight from Doha to Bali was grounded after a woman discovered her husband had been cheating on her. How did she find out? She had used her husband’s finger to unlock his smartphone while he was sleeping. While that’s certainly one way to catch a cheater, it does raise some concerns about the use of biometric scanning as the primary way to access sensitive information.

The Fast Identity Online Alliance

What we need is a way to combine the convenience of biometric scanning with stronger security. This is where the FIDO (Fast Identity Online) Alliance comes in. The FIDO Alliance is an authentication standard that is quickly growing in popularity among the world’s tech giants. Adopted by Android and iOS devices, along with popular browsers such as Firefox and Google Chrome, the FIDO Alliance looks to enhance the standard username and password experience. They offer multiple authentication options, including password-less login and second-factor verification. The password-less experience allows you to use your preferred biometric scan (usually done through your smartphone) as a way to access your online accounts.

But if you’re truly concerned about the security of your online accounts, you can use FIDO’s two factor authentication process instead. This authentication method takes account security to the next level by adding a USB security key to the login process. That way if someone were to try and remotely access your accounts, they would require your physical USB security key to do so.

What is your take on the future of the password? Do you think biometric scanning is strong enough to replace passwords altogether? Let us know below!

Related: Does The iPhone X Face ID Pose A Security Threat?