Menu Close

A future free of passwords?

A great article by Ivan Mehta on the merits of a future free of passwords.

“Most services you use on your phone or laptop, from email providers to food delivery providers, require you to have a password. With so many services and websites, it’s hard to come up with unique passwords and remember all of them.

So, a lot of people end up using the same password for multiple services — and that’s a threat. If one website is compromised, your other accounts can be at risk too. A 2019 Verizon report suggests that 80% of hacking-related breaches are caused by using weak or compromised passwords.

I talked to Andrew Shikiar, executive director of the FIDO Alliance, and its partner and hardware security key maker Yubico, about authentication without passwords through the FIDO2 standard.

Shikiar said that FIDO2-based authentication is seeing a lot of traction with enterprise customers as well. Because of the COVID-19 pandemic, a lot of people have to work from home in an environment that might not be as secure as the office. Plus, with the rising number of cyberattacks this year, it’s important for companies to protect their data.

John Gilbert, General Manager, UK&I at Yubico, a company that makes FIDO-certified hardware security key, agrees:

Because of the pandemic, convergence between our work lives and our home is happening in a much more concentrated way. So there’s the need to ensure that we have the same sort of levels of security available to us. I think what Yubico does and what we’ve always done is to provide something that is very simple and easy to use.

The FIDO Alliance executive said that while it’s hard to know exactly what happened when Twitter was hacked in July, and accounts belonging to Elon Musk and Jeff Bezos were compromised, he believes that if the company had used security keys for sensitive programs, the breach wouldn’t have taken place.

Gilbert told me that hardware security keys are one of the most secure ways of authentication because they’re off the network and, unlike your phone, a hacker can’t attack them. Plus, these keys don’t rely on any kind of network or battery life. So, you can use them at any time.”

To read the full article – click here

To purchase your very own YubiKey in South Africa – click here

Leave a Reply

Your email address will not be published.