Here at SumRando, we’ve harped again and again on the importance of using strong passwords. But in light of the massive password leaks we’ve seen this year, we’re starting to wonder if even the best passwords are no longer cutting it. After all, if a cybercriminal can simply download a list of login data from a vulnerable web service, it really doesn’t matter how long or complicated your login is. So what do we do if passwords are no longer secure?
Last year, IBM made a series of predictions regarding the development of technology over the next five years. In addition to mind-reading devices (awesome!), the tech giant predicted the password going the way of the floppy disk and the advent of biometrics on a large scale.
If you haven’t watched any spy movies recently, biometric security involves systems that confirm who you are based on things like your fingerprints, iris, heartbeat, or any other physiological input.
Already, some banks are utilizing voice recognition biometrics for phone-based banking or as a double-check for ATMs and several U.S. based police departments employ smartphone based retinal scans that compare an individuals biometric data with a database for identification purposes.
So what might be in store for the average Joe’s smartphone or laptop?
Napa Sae-Bae, a graduate student at the Polytechnic Institute of New York University, is creating an iPad app to verify users' hand shape and finger length. Sae-Bae's biometric analyzing algorithm has already yielded a 90 percent accuracy rate, suggesting her innovation may have widespread application when it debuts in a year.
This project improves on Sae-Bae's existing tablet app, which unlocks iPads in response to hand gestures like palm rotation.
"Unlike gestures, fingerprints are physiological physical traits that you can't change," she explained about her current research. "There's the feeling that these are supposed to be secure and private." [mobiledia]
And while biometrics are certainly more secure than traditional passwords, there are definitely drawbacks.
The Samsung Galaxy Note Android phone uses face recognition in its lock screen. Unfortunately, a picture of the phone’s owner will also unlock the device.
Of course, advances in accuracy can make spoofing devices like this more difficult, but what happens if your detailed biometric data is cracked? If your password is hacked or leaked, it takes only a minute to regain a secure login by changing it to something new. If your biometric information is hacked or leaked, you can’t very well change your fingerprints or irises.
While it’s safe to say passwords are on the way out and safer security measures like biometrics are on the way in, as long as security measures are taken, hackers and cybercriminals will find ways to compromise them.