PayPal: Passwords Are Dead, Long Live Biometric Security
PayPal's Chief Information Security Officer (CISO), Michael Barrett, believes 2013 will be the year the password as we know it dies. In a more theatrical moment of the keynote speech at the Interop IT conference, Barrett pointed to a slide depicting a tombstone for passwords with the dates 1961 to 2013 etched across.
The problem, Barrett explains, is that passwords have outlived their usefulness as a security method due to the sheer number of applications and services requiring passwords. Users have dozens of accounts across multiple services. So to cope the the sheer number of password prompts, users tend to reuse the same password and username combinations across the Internet.
"Users will pick poor passwords and then they'll reuse them everywhere," Barrett said. "That has the effect of reducing the security of their most secure account to the security of the least secure place they visit on the Internet."
So what are the alternatives?
Two-factor verification, which has been used by major companies like Google and Apple, requires users to carry a trusted device, like a smartphone, in order to access accounts from new devices or to make purchases. The system typically requires a user to enter both their password and a randomly generated code sent to their trusted device, which can be inconvenient.
Other two-factor solutions, like a password keyring which users carry at all times, offer good security but could become cumbersome if multiple services have their own systems.
The Fast Identity Online Alliance (FIDO), formed two years ago in an effort to establish new, more secure, online authentication standards. The group, which Barrett is the president of, suggests a focus on a combination of effective software and hardware is the proper solution. With biometrics, users can be more secure without the need to craft multiple passwords, and can use their voice, eyes and fingerprints as a means of unlocking devices and applications.
The FIDO standard, according to PCmag, would have users authenticate themselves to a device with a biological factor like, say, a fingerprint. The FIDO Alliance software on a device would then authenticate the user with a service.
The beginnings of an established FIDO standard could start very soon. While the PayPal executive didn't give any hints towards his company's security direction, he did hint at others. During Friday's keynote, Barrett suggested a major technology company based out of Cupertino, Calif., will produce a phone with a built-in fingerprint reader.
"There is going to be a fingerprint enabled phone on the market later this year," he said, according to MacWorld. "Not just one, multiple."
But, as Barrett noted, adopting, and getting consumers to accept, such security protocols will still take years.
LivingSocial Hacked: Hackers Steal Over 50 Million Names, Emails, And Passwords; Change Yours Now
Hackers have breached the LivingSocial security system to steal information, including encrypted passwords, from more than 50 million accounts.
People Over 55 Choose More Secure Passwords than Teenagers: Study
Passwords chosen by people over the age of 55 are stronger and more secure than the ones chosen by teenagers. That's what the largest study on password security revealed recently.
Windows Phone Gets Official PayPal App
The Windows Phone Marketplace just keeps growing and growing. Per reports, PayPal has released an official app for the Windows Phone OS. The new app provides almost every service and functionality that users find in its iOS and Android counterparts.
Don't Take Any Chances: Wireless Home Security Cameras for the Safety of Your Family
Although the chances of infiltration are fairly slim, it is still very important that you safeguard your family with all you've got! Here are a few wireless home security cameras that could help you.
Android Pay Giddies Up With PayPal To Mobile Payments
PayPal and Google are no longer rivals when it comes to mobile payments as Android Pay moves to integrate the online payments platform services into the app.
PayPal And Amazon Emails To Be Deleted Quickly, Reported As Phishing Scams
2017 is yet another strong year for scammers to make their mark. As early as today, they have already devised a new phishing scam which will trick any Amazon or PayPal user towards clicking a particular link that will then expose every bit of information regarding their account.
MORE IN ITECHPOST
Elon Musk’s Brain Microchip Neuralink Will Allegedly Cure Depression and Addiction
Elon Musk founded Neuralink in 2016, but what is the purpose of this brain-implanted computer chip? Musk has revealed additional details that you may find interesting.
Spotted in Deep Space: Never Before Seen Four Mystery Objects
A few mysterious objects that haven't been seen until now have recently been spotted in deep space thanks to massive radio telescopes.
A Leaker May Have Confirmed The Release Date Of 'Resident Evil Village'
A leaker who has been reliable in the past regarding Resident Evil may have revealed the release date of Resident Evil Village.