Is It Time To Shelve The Password?
It may not be long before you never have to create or remember a password ever again. Despite being integral to identifying people for much of recorded history, knowing your password, or anyone else’s is quickly becoming irrelevant. Even worse, some people think the password is responsible for the extraordinary economic damage.
Why get rid of them? The average person does not particularly like passwords, but more importantly, they have become an easily exploitable chink in computer security that hackers have learned to efficiently exploit. Yaser Masoudnia, CEO of San Francisco-based WiActs, would tell you it is necessary to get rid of them because they cost companies, individuals, and the economy as a whole hundreds of millions of dollars every year.
“Most serious security breaches that take place today happen because of flaws in identity management, meaning a hacker was able to figure out, steal, or break through a password,” says Masoudnia.
The affliction of password hacking extends beyond the high-profile attacks that saturate headlines, it also regularly victimizes small businesses and personal accounts. These hacks result in lost revenue, stolen identities, loss of consumer confidence, years spent recovering data, and more. In other words, the incentive to improve the way we protect our information and access our emails, databases, and other accounts is enormous.
WiActs has approached the issue from an unorthodox angle. They have developed a technology that allows users to access all of their accounts through a process that relies on biometric information, encrypted login credentials, and dual factor authentication, all wrapped into a suite of other security measures that makes it one of the most pioneering options for upgrading the way we protect our information.
Masoudnia, who says his technology is already in trial phases with large international financial institutions and several government agencies, says that adopting password-less security is a simple paradigm shift.
“People have used passwords for thousands of years in various forms. They have become far more prevalent in the age of computers, but they have never been the only way to authenticate identity. We are simply leveraging another approach that is far less susceptible to being hacked.”
The WiActs solution is certainly a shift in paradigm. Instead of logging into your email by entering a password, WiActs has its users log into their portal www.nopassword.com. You do so by using the WiActs application on your smartphone that reads your biometric data and sends an encrypted signal to the portal verifying your identity. That encrypted message is also stamped with data unique to your smartphone, so it cannot be replicated from another smartphone. Once you have entered the portal, you have access to all your accounts in one place - Outlook, Salesforce, Facebook, etc.
This solution completely erases the vulnerabilities of weak passwords. And despite initially seeming more complex than typing in a password, is more efficient in a number of other ways. For starters, you only need to log into the portal one time after which you have access to all your accounts instead of needing to log in to each one separately. You also never need to worry about forgetting a password again, which has frequently ranked as one of the most annoying things that can happen to you.
Companies probably stand to benefit the most from this transition. One employee using a weak password can make the entire company vulnerable to a devastating data breach. WiActs’ geofencing feature can also stop employees with malicious intentions who try to steal company data. This feature allows employers to dictate where employees can login from, meaning you can stipulate that company accounts can only be accessed from the office or within a particular city.
“Moving beyond password-based security opens up a whole new world of options for improving security,” says Masoudnia. “The cost of hacks is getting bigger, not smaller. Anyone who has ever been hacked already understands. I hope others will see the vision before they experience a devastating data breach. The time has come to get rid of passwords.”