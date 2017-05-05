Should world password day be a thing of the past?

by Dwayne Melancon  |  Friday 5 May 2017  | Comment Now
Should world password day be a thing of the past?

Dwayne Melancon discusses the future of authentication and why a layered approach to security trumps the flimsy password - both in terms of user experience and security - with dynamic multi-factor authentication preferred.

Each year on World Password Day, I wonder whether this year's will be the last. After all, passwords are an insufficient means of protecting what's important to us. When you look at major breaches, they frequently involve bad guys using someone's username and password to get into a trusted account and do untrusted things.

It's time for passwords to fade away as our primary means of authentication – I believe that the idea of using passwords to access your accounts will soon seem as antiquated as waiting in line at the bank to withdraw cash from a teller. After all, passwords are static – they only change when either the user or the online provider decides they need to be changed. We need something more dynamic, that can adapt to the risk in a given situation.

To get to this better future requires some work and changes in habits, of course. The answer is to move away from password authentication to a model of frictionless, multi-factor authentication.

There are a few challenges, and most of them relate to the user experience. First, passwords are familiar and convenient to many users. Second, multi-factor authentication is sometimes portrayed as complicated or confusing to the average user. That doesn't have to be the case.

When I talk about multi-factor authentication, I'm not talking about texting you a code to prove your identity. I'm talking about dynamic multi-factor authentication (MFA), which uses context to determine how much you (or the person or device trying to access your account) can be trusted. For example, dynamic MFA can (invisibly) perform dynamic measurement of what you're doing, how you're doing it, where you are, and so forth and use that context to reduce, or even eliminate, the amount of “in your face” authentication that is required.

From a business perspective, this approach of dynamic multi-factor authentication makes a lot of sense because it helps make the right things easy, and the wrong things difficult. Dynamic MFA increases trust between you and your users, while minimising the amount of effort required. From a user perspective, this approach gets closer to the “it just works” model they want, and doesn't lead to the frustration of overly complex password policies (or the risk of using “password123” on every account because anything else seem too complicated).

We need to celebrate World Authentication Day instead – I've got it on my calendar for next year. Do you?

Contributed by Dwayne Melancon, VP of product, iovation

*Note: The views expressed in this blog are those of the author and do not necessarily reflect the views of SC Media or Haymarket Media.

This article originally appeared at scmagazineuk.com

Related Articles

Source: Copyright © SC Magazine, UK edition

See more about:  password day  |  security
 
 
Latest articles on BIT Latest Articles from BIT
How most businesses are still getting security wrong
1 May 2017
The vast majority of breaches use old techniques that are easily preventable, according to a new ...
Two million Android devices 'hit by Google Play malware'
1 May 2017
Researchers say they have discovered more than 45 apps laden with botnet malware.
Asustor AS3102T review: a fast, flexible 2-bay NAS
27 Apr 2017
Asustor's entry-level 2-bay network attached storage device could be equally useful in the ...
Mastercard credit card has a built-in fingerprint sensor
21 Apr 2017
The commerce giant trials a new card with a thumb-sized fingerprint reader.
Australian organisations targeted via zero-day Word bug
12 Apr 2017
Microsoft Word users should update the application to fix a zero-day bug that has been "used to ...

Latest Comments

Powered by Disqus

From our Partners

PC & Tech Authority Downloads
 
 
 