Need to check your bank account balance? Ready to relax while streaming a movie? Hoping to do some online shopping? Want to see if you have any matches on your online dating portal? If you do any of these things, you not only have an online account with a relevant service provider, you also have a password. And chances are it's a highly complex combination of numbers, special characters, letters, capitals and lowercase. And there’s an even better chance that you have either a. forgotten what it is or b. have been using exactly one password for all these services.
Why? Because in a day and age when we need a username and password for almost everything we do, it’s hard to keep track of them all. Especially when the level of security they provide is 100% contingent on how complex they are. The more complicated the less hackable. This is why our suggestion for the most secure password is: no password at all.
Why passwords aren’t working
All too often, users are deemed the weak link in data management and security. By choosing weak passwords, they leave their data and the companies themselves vulnerable to cyber attacks. Companies have thus far responded to this problem by creating labyrinthian guidelines for password selection: this many numbers, this many special characters, at least one capital letter. In a best-case scenario, the user complies. Worst case scenario, companies lose potential new clients who don’t want to invest the time and effort into setting up accounts, or users simply reuse passwords from other services. Considering that 75 per cent of German companies were affected by cyberattacks in 2018 alone, and an additional 13 per cent were suspected of being targeted, making security more complicated for end users hardly seems like a smart solution.
Tech is supposed to make life simpler, not more difficult. The burden to ensure that personal, financial, and health, data remain secure should not be placed on users. Especially nowadays, with more and more of our data in the cloud and accessible on the go, the stakes are incredibly high. Instead of trying to guarantee that users create the perfect and impenetrable password by devising intricate password creation guidelines, companies should switch to passwordless login. This way, technology can work for us instead of impeding us.
Why the way forward is passwordless
Though tools like two-factor authentication and password management have become more prevalent, they fail to bypass the actual problem: weak passwords. Many companies are spending heavily on these technologies and holding fast to what should be considered an antiquated system for securing information. But the fact is: our devices have gotten smarter, it’s time for us to get smarter, too.
Thanks to rapid technological developments and a major shift from desktop to mobile computing, it is now easier than ever to relegate passwords to the past and transition to passwordless authentication. With features like fingerprint scanning and facial recognition integrated into our smartphones, a switch to biometric passwords can be accomplished quickly and seamlessly. Not only is this the safest solution, but it is also the easiest. Especially considering all the hoops users have to jump through to be sure their passwords are uncrackable. Technology has given us the means, it’s time for us to seize the opportunity to redefine security.
Time to invest in user-friendly solutions
Companies invest significant monetary resources into password security. This not only includes implementing the strongest (and ultimately most cumbersome) tools and processes available to protect the security of user accounts, it also entails hiring IT specialists to navigate the process. But instead of using this expensive expertise to fine-tune an imperfect system, it would be a better investment of time and money to use readily available biometric technology to implement a surefire and unreplicable security strategy. This way, the experts can stop devising password safety tools and focus on building truly robust systems.
Users have better things to do with their time and their brains than mull over the best and strongest possible passwords for each and every service they sign up for. It’s time to get rid of the real weakest link: user-unfriendly password security!