Internet security and the future of the password
This is a guest post.
Charles Trentham is diehard tech blogger who loves to write about software, technology, and future science. After retiring from a small telecom startup after the bubble burst, he’s been blogging fulltime, including some freeland work on topics like internet security in order to feed his tech habits. He enjoys spending time with his family and Kelpie, named Elaine.
At any given time and across any given news site it’s clear to see that the internet landscape is changing; sometimes for better and sometimes for the worst. More often than not we see news story after news story of accounts and businesses that have fallen victim to hacks and malicious users accessing private data for ulterior motives. In order to better combat these attacks, the minds at Google have been hard at work formulating new ways that people will access information that has previously required a password to access.
While Google is strictly looking at ways to better protect email accounts, the question begins to be raised if other password-protected profiles and documents need the same overhaul. Last year, technology guru Mat Honan stated in Wired magazine that our reliance on the password to protect our information is soon coming to an end. While his statements might have been a little too grandiose, he was on the right track.
As it stands now, we have already begun to see a slight decline in the use of passwords as the sole protection over an account. It is not uncommon for many online banking sites to require several authentication methods such as passwords, security questions and dates of birth in order to confirm information isn’t falling into the wrong hands.
Depending on the online service that you are using, steps that reach even further beyond multiple questions might already be in play. For some, other layers of authentication come from their mobile devices. Jeremy Grant, who is head of the National Strategy for Trusted Identities in Cyberspace says it is steps like these that we can expect to see a lot more of as we increase the amount of what we share, store and access on the internet.
Mobile authentication works through a secure server and a messaging program such as a text service or email. When an account needs to be accessed, a message will be relayed to the home server. This home server will then shoot out a unique access code to the user’s mobile device that, once entered into the program, will allow them entry.
While mobile authentication is certainly one direction things could go, there is a wide variety of other options that have become available as more technological feats are accomplished. One such security measure that has been speculated is the use of computer recognition. We are not talking about facial scanning or fingerprinting (although that could be an option as well). Research that is being done in this area is more along the lines of reliable user behaviour that is consistent with the owner’s browsing and internet habits. If there is an attempt to access information from a location that is not on par with what is normal, the account would lock that user out and send an alert to the rightful owner. In short, keystrokes as *biometrics: a little wild and whacky but tech research group DARPA has been working on what they call ‘keystroke dynamics‘ for a few years now.
In line with the minds at Google, another option – something that is more tangible to the user: this line of thinking shows things like a small keychain curio or dog-tag type medal that would be scanned to a machine in order to validate that the correct user is accessing the information that is meant for them.
Things like these exist in small markets already and hotels and resorts have been capitalising on them for years now with keyless entry systems to guests’ rooms.
Whatever the future holds, it’s clear that the password will not be eradicated completely. All of these authentication systems still rely on some sort of password entry. How, exactly, this is going to be done however is still as elusive as a locked chest behind a closed door.
The term ‘biometrics‘ refers to a measurable characteristic that is unique to an individual such as fingerprints, facial structure, the iris or a person’s voice.