Access and Feeds

Security: Authentication Without Passwords

By Dick Weisinger

Passwords have become a security problem that IT is hoping to plug.

A Verizon report found that “if you are relying on username/email address and password, you are rolling the dice as far as password re-usage from other breaches or malware on your customers’ devices are concerned.”

While passwords provide a level of security, they can be a nuisance. Remembering and tracking password changes places a burden on users. Some organizations try to improve security by forcing users to change their password on a frequent basis, sometimes as often as every two weeks.

Sean Sullivan, security advisor at F-Secure, said that “complexity every 14 days means that it is going to be written on a post-it note.”

Stina Ehrensvärd, CEO and Co-Founder, Yubico, said that “people do not want to be burdened with security — it has to be usable, simple, and work instantly. For years, achieving a balance between high security and ease of use was near impossible, but new authentication technologies are finally bridging the gap. With the availability of password-less login and security keys, it’s time for businesses to step up their security options. Organizations can do far better than passwords; in fact, users are demanding it.”

Alternatives to password include:

  • Multifactor authentication
  • Biometrics
  • Behavioral Recognition
  • Notifications
Digg This
Reddit This
Stumble Now!
Buzz This
Vote on DZone
Share on Facebook
Bookmark this on Delicious
Kick It on DotNetKicks.com
Shout it
Share on LinkedIn
Bookmark this on Technorati
Post on Twitter
Google Buzz (aka. Google Reader)

Leave a Reply

Your email address will not be published. Required fields are marked *

*

fourteen − twelve =