Security News > 2021 > November > The world’s worst kept secret and the truth behind passwordless technology

The world’s worst kept secret and the truth behind passwordless technology
2021-11-11 06:00

The fundamental flaw is that passwords are a "Shared secret." This means that both sides of the exchange are in on the secret and have it stored.

Passwords become the proxy identifier for the users, and users often choose passwords that relate to something in their lives, including names and important dates, to make them easier to remember.

While some users have followed expert advice and opted for more complicated passwords with the help of a password generator, they remain at risk because the techniques previously mentioned simply don't care whether the password is four or four hundred characters long.

Given all the associated drawbacks of passwords, the headaches they create for users and the security risks and management overheads that organizations are burdened with - from password resets to account recovery - the search for more streamlined, secure ways to verify users and their identities should be a strategic security priority.

A truly passwordless approach removes both the security risks inherent in passwords and legacy MFA approaches that rely on passwords or other forms of shared secrets.

We need to move rapidly towards a world where we never have to ask another user to create a password.


News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/nJ9ftUFfybM/