“Time to kill the password”: is the password history?
“The time of coming up with intricate passwords with numbers, capital letters and special characters and remembering them is a thing of the past,” says Suzanne Choney, a writer and editor at Microsoft who wrote an article about safety and improving it.
More than two-thirds of people use the same password across dozens of different accounts. Weak passwords and stolen identities are the No. 1 source of data loss.
Stolen passwords are so commonplace among criminals that they can easily buy usernames and passwords for less than $20 on the dark web – and can inflict a good amount of financial damage for such a small investment.
At the moment, the usual approach is simply to change your password after a couple of weeks, but with more and more ‘demands’ (capital letters, numbers and special characters). It is complicated to come up with these passwords and to remember them after you’ve changed them. Saving your password somewhere on your PC or writing it down is a no-go.
Old password rules
Bill Burr, writer of the book on password management, even admits that the rules he described back then are no longer sufficient: “It just drives people bananas and they don’t pick good passwords no matter what you do.”
Microsoft has a vision where technology and especially intelligence will play a bigger part. The underlying techniques are advanced but the approach is very simple. Instead of you having to come up with a whole list of passwords, you are the password.
With Windows Hello, which was introduced in Windows 10, Microsoft has already begun to eliminate the traditional way of using passwords to get access. Windows 10 verifies your identity with biometric sensors that analyze your physical appearance or fingerprint.
Another effective and safe way to sign in is the Windows Authenticator app: you get access to your Microsoft account with a PIN (personal identification number) or fingerprint as verification.
FIDO on a mission
The nonprofit organization FIDO (Fast Identity Online), led by industry leaders such as Microsoft, is on a mission to introduce biometric authentication on a large scale for many applications and websites. Intel, Google, Samsung, PayPal, eBay, MasterCard, Bank of America, Visa, Qualcomm and Verizon are also part of this organization, and together they form a strong front to solve this problem.
Brett McDowell, FIDO’s executive director, explains that the basis for the FIDO security model lies in public key cryptography. The private key stays on your personal device; “it is never shared over the internet, it is never put in a database,” McDowell says. “Instead of a password being stored on the server, only the public key for that account is ever shared with the online application so it can be used to verify what is called a ‘cryptographic signature’ from the user’s device during future authentication challenges.” This process confirms “proof of possession” of the private key without ever sharing the private key itself, he says, “thus ending phishing for credentials and/or reusing stolen credentials from a data breach.”
Of course, it will take some time for companies and people to adopt this new technology, but looking at the positive developments we can definitely say this is part of the future of securing your IT environment.
Your security always up to date with Office 365
When you are using Office 365 you can be sure that your security is always up to date against all possible threats for you personally as well as your company. For more information about possible solutions or services for you, contact Frans Koster: firstname.lastname@example.org