More and more voices are rising, wondering if “password” still rhymes with “future”, when it comes to evoking the future of authentication.
Last July, the password lost its founder, Fernando Corbató, missing after celebrating 93rd birthday. Less than a year later, we are celebrating World Password Day, a real security key to our digital life, some of which today question the usefulness of it, at a time when new means of authentication are trying to prevail.
The password, unstoppable but competing
The uses resulting from digital are multiplying, and with them the services or applications, creating in fact a real digital dependence, reinforced in recent weeks by the massive development of telework, which is not without consequences in terms of security. Whether you remember all your passwords one by one or entrust them to one of the many managers on the market, the series of diverse characters is no longer the only means of authentication. If some people want to cherish it, others think they can do without it.
A fundamental and almost indestructible element of online computer security, the password, which allows you to log into a device, an application, your favorite video streaming or gaming service, any website or your account banking, now coexists with other authentication tools.
In addition to two-factor authentication, which is now well established, fingerprints and facial recognition (ultimately, biometrics) are increasingly used to secure services, applications and devices. “This is why many players in the technology industry have been considering removing the password for years”, says Anthony Di Bello, VP Strategic Development at OpenText. “There is a real trend emerging, using mobile devices for what some people call” zero connection “access. And alongside him, luminaries of new technologies also want to remove the password.
Stronger alternatives to the password?
What serves the password is the lack of consideration shown by Internet users towards it. Too often, cybersecurity specialists take turns a classification of the most used passwords who make the most savvy Internet users leap from their sofa: “123456”, “123456789”, “qwerty”, “azerty”, “password”, “football” or “111111” are some of the nuggets that weigh the heaviest.
Today, organizations likeFIDO Alliance, whose eminent members (Amazon, Facebook, Samsung, Qualcomm, PayPayl, Visa, Google and recently Apple) have the common goal of securing online connections by developing a standard of authentication U2F (second universal factor). We are now waiting to talk about the FIDO2 security standard, which consists of two-factor authentication based on security keys (FIDO2, therefore) and authentication tokens, which would allow connection without a password by favoring encryption and anonymization. But for now, the password still has many hours ahead of it.
We can’t repeat it enough, but if you don’t invest in a password manager, consider using a different password for each service and / or application, which can include random numbers and characters, in addition to the letters, and juggling capital letters. Jesus Sanchez-Aguilera Garcia, boss of B2B in the EMEA zone for McAfee, even advocates to “change passwords approximately every three months to stay as secure as possible online and protect what matters, including private information such as online banking details. “