Published: June 28, 2021 on our newsletter Security Fraud News & Alerts Newsletter.
Let’s be honest: using strong and unique passwords for every online account can be frustrating, cumbersome, and time-consuming. Being human, we are all tempted to reuse passwords across multiple accounts. But we know that poor password hygiene can lead to cyberattacks, especially against accounts that share the same password. Cyber history has shown us repeatedly that password reuse is very risky, yet we do it anyway. Now, the idea of passing on passwords to verify our identity is taking shape. And with dismal password use still going on, it’s an idea whose time may be now.
Powerful Password Stats
According to Comparitech, 50% of users are ready for an alternative to passwords. With that in mind, the company shares some scary stats on password use that, if nothing else, show alternative authentication methods are a welcome idea.
75% of Americans are frustrated with passwords
Nearly 66% of people reuse the same password on multiple accounts
Employees use the same password an average of 13 times
IT professionals reuse passwords more than the average user
80% of hacking-related breaches are linked to passwords
Who wouldn’t want an easy alternative to all those bulky passwords? Well, like-minded security pros are creating options that would tackle the password problem. Put into practice, these alternatives have their own issues to sort through before they’re perfected, but it’s a start.
Pros: Alternative methods being used include OTPs (one-time passwords), PIN codes, biometrics, and others. The goal is to give users a way to authenticate their identity without relying on passwords. These methods rely on something you know, own, or are, using things like a smartphone, hardware token, OTP, or a biometric measure like a fingerprint.
Cons: Each of these authentication options has its own drawbacks. Think of crumbs on a finger keeping a fingerprint from working, or typing the OTP incorrectly. A failure like that can bring the default authentication option into play, which is providing your password – exactly what these alternate methods look to avoid.
In the Meantime…
Until these alternate authentication methods reach a level that doesn’t default to passwords as backup, we’re left to rely on what we already use – those same passwords. One thing to remember is to always use a strong, unique password for every account, no matter how frustrating it may be to remember them all. If you have to write them down, do so. Just be sure to keep them off your computer and locked away where they can’t be easily seen. Password managers may also be an option, but keep in mind that if the company holding your passwords is compromised and/or your master password is stolen, so are all the rest of your passwords. This happened recently with Passwordstate.
Fun fact: Comparitech finds it takes 62 trillion times longer to crack a 12-character password than one with six characters. While we wait for passwords to become history, make yourself comfortable. It could take a while.