Pin It

Past Passwords: The Future of Login Security

If you’ve logged into your Payza account recently or been following our blog, you’ve noticed that we rolled out a new Payza account layout, including an extra verification method for your login process. Now, in addition to entering your password, you can also set up a customized avatar and welcome message that confirm you are at the secure Payza site.  This enhanced security measure greatly reduces the threat of phishing.

However, in most cases, a password is the only thing that separates cybercriminals from your entire digital life. Skilled hackers can crack weak passwords in less than 3 minutes. All the more reason to make sure you have strong passwords, right?

Actually, you may not have to use passwords at all for much longer. Apple and Microsoft have already begun incorporating fingerprint-sensor technology into their latest releases, while Google is publicly discussing the possibility of replacing passwords with a piece of physical hardware, such as a ring, which can be used to prove your identity.

The Problem with Passwords

It’s no state secret that passwords are your only line of defense against becoming a victim of identity theft or having your personal data destroyed, yet many people still use laughingly weak passwords like “abc123”, and a third of people still use the same password for every site. If that includes you, then any hacker who gets a hold of your login credentials for any site could have access to your entire online life.

Just think about how many passwords you use on a regular basis, from email, online banking and social media to your ATM PIN, WIFI network key and home alarm system. Not to mention your cell phone; 32% of people save their login information when they access websites on their phones, but 62% do not secure their phone with a password!

You may like to think a strong password is all you need to be safe, but unfortunately it’s not that simple. There are still ways for hackers to get your password, no matter how strong it may be, such as key-logging software, which can install itself on your computer while browsing insecure websites and record everything you type.

Just like Payza’s Advanced Security Setup, Google has already introduced two-step verification, because they realize that a single barrier to entry for your personal information is simply not good enough. But many internet users still do not use two-step verification, so the world’s leading technology companies are looking for a better solution – one which addresses the problems of both security and usability.

The Alternatives

The security landscape is changing rapidly as more people use their smartphones to access sensitive data, both privately and in the workplace. While mobile devices offer a new avenue of access for cybercriminals, in the future they may actually be a benefit to user security. Most mobile devices include a microphone and camera and can pinpoint the user’s location, and Apple’s new iPhone will include a fingerprint sensor, which will ease the transition to biometric identification.

Microsoft’s latest operating system, Windows 8.1, was released in October with fingerprint-based biometrics. This will be particularly useful to businesses dealing with sensitive data, such as those in the financial industry, for ensuring that only authorized individuals can access their servers.

Google, meanwhile, currently has its sights set on hardware. One proposal is that users could be protected by a USB token – when the user plugs it into their computer’s USB port, it would communicate its identity with the host server and grant the user access accordingly. This could also be achieved using near-field communication (NFC) or Bluetooth devices.

A more sci-fi possibility has been suggested by researchers at the University of California, Berkeley – brainwave authentication. The idea of a “passthought” came about after test subjects were made to wear brain-wave-measuring headsets and asked to imagine performing a particular task. Researchers found that they were able to distinguish between test subjects 99% of the time.

Whatever the future of security holds, in the meantime you should do everything you can to behave securely and responsibly online. It’s easy to think “it could never happen to me” but hardly a day goes by that a new story of a high-profile account hack comes to light. Don’t let yourself be a victim.

Subscribe to the Payza Blog to keep receiving the latest information about online security.