Debate: Do Passwords Have A Future In Cybersecurity?

The concept of a password has been around for thousands of years and remain the first line of defence against hackers and snoopers in modern computing.

But the system is much maligned by those who resent having to remember multiple credentials and by many cybersecurity experts who argue they are too insecure and easy to guess. Other have lamented a number of data breaches that have seen unencrypted passwords exposed

Even the man who came up with the majority of password advice has expressed his regret at making them long and overly complicated.

But what is the future of the password? In recent weeks, a number of experts have expressed their opinions on the pages of Silicon, and we want to know where you stand.

Read More: The History of the password

For – ZoneFox CEO Jamie Graves

Yes, it’s true that the humble password finds itself in a world that has outgrown its sophistication. But rather than being destined for the scrapheap, they still have a role to play alongside other layers of security. You see they have become so ingrained in our everyday lives, that removing them altogether would be a huge step that would cause more chaos and uncertainty than actually fixing a problem.

Like many aspects of the brave new, technology lead world we live in password security needs to adapt, rather than disappear. For this reason, it is important the security sector makes a strong effort to fully implement additional ways for people to access their data – especially in the work place.

Passwords alone, as we know are susceptible to brute forcing, which means increasingly there must be protections built around them.

[Some organisations] have essentially made the password the first layer of defence, supported by more sophisticated techniques, such as a IP listing and two-factor authentication, whereby an email, or a text message is sent to a user to confirm that access to an account from an unknown machine.

Such approaches, where passwords, alongside other techniques are used, can once again be compared to the way that we currently use money in society. As well as having coins or notes in our wallets, we also now use mobile phones alongside plastic cards to pay for things. It’s a perfect example of an ecosystem of old and new working together.

You can read the full argument here

Against – Experian director of identity and fraud Nick Mothershaw

This system has served us well, but now it has run its course, and is no longer inclusive of today’s needs and expectations. We are now a fully digital age and, consequently, identity verification must enter it too. Identity is on the cusp of a great change.

As a digital economy, we’re still reliant on usernames, passwords, and security questions as a way to identify an individual. Customers have become used to this type of data exchange in order to validate their identity when necessary. But the fraudster has become all too familiar too.

Passwords are easy to forget. Research shows that most people have between 6 and 10 passwords they actively use, and 4 out of 10 need to use a password memory service to help them with remembering.

These are often used in multiple accounts, including using the same password for a bank account as they do a retailer. This represents a fraud risk, and one that most consumers should know, even if they aren’t changing their behaviour to mitigate it.

Passwords are yesterday’s technology. They are forgettable and subject to compromise.

For all their problems it’s likely passwords and usernames will be replaced. Or at least augmented with some form of biometric login to enhance security without comprising user experience.

You can read the full argument here

The verdict

But what do you think? Are passwords a relic of history or are they still the most conveient way to guarantee privacy and security? Or should they be usedin conjunction with another method? Vote below and let us know in the comments.

Loading ...
Steve McCaskill

Steve McCaskill is editor of TechWeekEurope and ChannelBiz. He joined as a reporter in 2011 and covers all areas of IT, with a particular interest in telecommunications, mobile and networking, along with sports technology.

Recent Posts

Craig Wright Sentenced For Contempt Of Court

Suspended prison sentence for Craig Wright for “flagrant breach” of court order, after his false…

2 days ago

El Salvador To Sell Or Discontinue Bitcoin Wallet, After IMF Deal

Cash-strapped south American country agrees to sell or discontinue its national Bitcoin wallet after signing…

2 days ago

UK’s ICO Labels Google ‘Irresponsible’ For Tracking Change

Google's change will allow advertisers to track customers' digital “fingerprints”, but UK data protection watchdog…

2 days ago

EU Publishes iOS Interoperability Plans

European Commission publishes preliminary instructions to Apple on how to open up iOS to rivals,…

3 days ago

Momeni Convicted In Bob Lee Murder

San Francisco jury finds Nima Momeni guilty of second-degree murder of Cash App founder Bob…

3 days ago