Traditional passwords, once a cornerstone of user account security, are increasingly revealing their flaws over time. The need to remember them, susceptibility to hacking and user inconvenience are among the challenges plaguing these age-old security tools. Let’s not forget the habit of the elderly to write down their passwords on sticky notes on the devices themselves. In response to these limitations, tech giants Google, Apple and Microsoft are turning to passwordless authentication methods, using biometrics and security keys to provide users with increased security and an improved experience.
What’s the problem with passwords?
While passwords have long held the title as the most popular means of authenticating users, a number of problems surround the concept. Numerous studies have highlighted the risks associated with compromised passwords, exacerbated by factors such as password retention and the habit of using the same password on multiple accounts, which significantly contribute to data misuse. For example, a 2019 study conducted by Yubico and the Ponemon Institute found that half of employees shared their passwords with colleagues. Similarly, findings from the Balbix Password Day 2020 report showed that 99% of users reused their passwords on an average of 2.7 accounts. This practice is primarily driven by the pursuit of convenience and speed, emphasizing the urgent need for safer and more convenient alternatives.
Is biometric authentication better than a traditional password?
Increased security
Biometric authentication brings an extra layer of security. Biometric characteristics, unique to each individual, are resistant to replication. Unlike password, which can be guessed, stolen or shared, biometrics are intrinsically linked to the individual, which greatly increases the bar for unauthorized users trying to impersonate someone else.
User experience
Biometric authentication eliminates the need to remember or manage passwords. Users are freed from the worry of forgotten passwords or the laborious process of creating and maintaining complex passwords for different accounts, this contributes to a more pleasant user experience of the authentication process.
Reduced risk of abuse
Although passwords can be shared or stolen, intentionally or unintentionally, biometric characteristics are tied to the account owner and are not easily transferable. Sharing or borrowing one’s biometric attributes becomes significantly more challenging for those who wish to abuse it in some way.
Resistance to brute force attacks and dictionary
Biometric authentication also boasts increased resistance to standard attack techniques, such as brute force attacks. a dictionary attack, in which cybercriminals attempt to extract or compromise password uses.
