What Will Replace Your Password

What Will Replace Your PasswordFollowers of the Bach Seat know that passwords suck. I have covered alternatives to passwords as far back as 2010 and here  and here. Now the Business Insider lists nine crazy alternatives to passwords. The article describes how researchers and companies all over the globe are working on new gadgets and technology that can save you from the headache of memorizing (and inevitably forgetting) passwords.

BiometricsThe article calls out several ways to replace passwords to authenticate a user. Users can be authenticated based on a physical trait or biometrics. Biometrics is the measurement and statistical analysis of people’s physical and behavioral characteristics. Biometrics can offer one of the independent credentials required for multifactor authentication (MFA). MFA combines two or more independent credentials: what the user knows (password), what the user has (security token) and what the user is (biometric verification).

Selfies – This might be the password of choice for the Facebook (FB) generation. Companies like Amazon (AMZN) and Mastercard (MA) are already considering technology that would ask users to snap pictures of their faces on a smartphone before making a transaction. Mastercard’s technology would need a user to blink before their face is scanned as a safeguard to prevent hackers from simply placing a picture of someone else in front of the camera.

Mastercard Selfie PayEdible pills – Swallowing pills might be one of the few things more annoying that memorizing passwords. But some researchers think it’s the future. After mixing with stomach acids the pill would emit a unique, low power signal that connects with your PC. Google (GOOG) VP of Advanced Technology and Projects Regina Dugan described such a system a few years ago. According to Ms. Dugan, a person could safely ingest 30 pills every day for the rest of their lives.

Your gait – Going for a stroll might not sound like the most convenient way to log on to your computer, but the way you walk has some unique traits that could serve as a mean of authentication. A wearable device, like a bracelet or anklet, could record your most recent physical activity and use that information as a password the next time you need to log on. One study reportedly analyzed the foot pressure patterns and achieved a a 99.6 percent accuracy rate. rb- I covered the now defunct Alohar Mobile attempt to turn how you stroll into a password here.

Ear as a passwordYour ear cavity – Has anyone ever told you your ear canal is one of a kind? Special earbuds, being developed by NEC, bounce a sound into your ear’s cavity and use the reverberations as a signature to identify you. NEC hopes to have these available within a few years. A British study was able to achieve a 99.6 percent accuracy rate of properly identifying individuals by analyzing how light reflects off the curves of the ears. rb- Back in 2014 I covered Descartes Biometrics app that used the shape of your ear as a password.

Your backside – The shape and contours of your posterior are so special that some researchers in Japan have explored whether a special seat mat could be used to identify you. The experimental mat, which is packed with special sensors that measure pressure distribution, could be integrated into cars, to prevent unauthorized sitters from driving off with the vehicle.

Tattoos as passwordsTattoos – Google’s Regina Dugan showed off a sticker-like wearable tattoo on her arm a few years ago that she said could be used to unlock a phone or computer. The tattoo, which was only an experimental prototype, was made of flexible circuits and sensors, and could be worn for up to a week, she explained. No word on whether you can get the password tattoo in the design of a fire-breathing dragon.

Your Jewelry – Wearable gadgets like the Fitbit and Apple Watch can already track your sleep and the steps you take. The next step is to track the pattern of your pulse or heart rate, as the Nymi band does, and use that information to identify you. rb- I covered the Nymi earlier and we have seen that the iWatch and other wearables are not secure so how can they log you?

Your voice as a passwordYour voice – Nothing is easier than saying a few words, and even the best impersonator can’t perfectly mimic another person’s voice. That’s why one big bank in Britain recently set up technology to identify customers on the phone or online by the sound of their voice. And yes, the system will still work if you have a cold.

Implants – This one is only for hardcore security geeks. Believe it or not, some people have already experimented with embedding a small RFID chip under their skin. The chip emits a radio signal that can theoretically be used to do everything from unlocking the door to an office and starting a car, to logging on to email.

rb-

The biggest problem with biometrics is getting people to use them. How many do you know would be willing to swallow a pill to login to each of their websites? It is a voluntary decision to  swallow pills to login to Facebook, Instagram or Google. What if you employer requires you to swallow pills to enter the building, login to Windows, your email, ERP, CRM, HR. What are the implications for privacy? Healthcare? Plumbing?

I wrote about the problems of adapting an eye based biometric system back in 2012.

The end-user will be the fundamental roadblock to any eye based biometrics. Traditionally, anything related to eye recognition has received strong resistance, because it is just human nature to be squeamish about having our eyes scanned.

Ralph Bach has been in IT for fifteen years and has blogged from his Bach Seat about IT, careers and anything else that catches his attention since 2005. You can follow me at Facebook and Twitter. Email the Bach Seat here.

Comments are closed.