By: Sandeep Ganguly, CEO, U2opia Mobile
The concept of passwords has existed for a long time now. Ever since the day they were introduced, people went ga-ga over it because it was like protecting a safe from the hands of intruders. But, as time passed, things became complicated and nowadays, you have to use a different password for every other website that you want to visit. And, it is obviously difficult for an average user to remember 32 different passwords unless he is a super genius. Using just the passwords for verification of user accounts is no longer a safe bet due to the smarter ways by which hackers are able to get unauthorized access to your mobile devices.
You need not worry as there are many better alternatives that serve as an additional layer of authentication and security. So, the real question is, are passwords becoming more of a burden than a necessity? If yes, then what are the options for a user to verify his account to enter a particular website?
Data breach situations and single factor authentication
Over the years, IT experts have come up with various websites where the passwords of users have been successfully breached by hackers. These users include celebrities and those who make millions and billions. Any security breach makes users lose trust in the app and the corresponding company. Even if it is a small security breach, once users come to know about it, they won’t feel comfortable about downloading or using that app again. This has been possible because of the “hashed” passwords that the hackers got from the dump and this made it easier to know the current passwords. One of the main reasons why the single factor authentication of passwords has almost come to an end is because plain text passwords are becoming easier to crack. There are advanced hacking tools and software that have already been launched and it takes hardly a few minutes to break in.
The better alternatives
Since passwords are fast becoming a vulnerable option for users, there needs to be something that can successfully replace passwords. If you buy a smartphone these days, you will get a prompt to verify mobile number, so that the mobile phone company can have a record of your basic details. These details are quintessential to make sure the users suing the application are genuine and verified.
And most apps or sites that require registration are making use of multi-factor authentication, instead of just relying on passwords. This means after entering your password to login to a particular site or application, it prompts you to enter a verification code (OTP – One Time Password) that is sent to your registered mobile phone (via text or via a phone call). This way even if someone hacks your password, he / she won’t be able to access your online accounts as the verification code will be available with you on your phone. If an application is not already providing this additional security feature, you may make use of OTP applications.
As an alternative to passwords, biometrics has become highly popular in the recent times. You have to put in your fingerprint or retina scan, whichever option the machine gives you and then only you can get access to a particular set of information. This is probably the best way to enter a restricted room rather than entering a four digit passcode.
Using smart cards
When a small, thin card helps you get access to a room, you can forget about passwords and remembering what they are. A small touch on the touchpad will open the door and the best part is, you can carry them in your pocket or wallet. Similarly, hardware tokens also follow the same procedure except the fact that they are not big as the smart cards. They enable you secure internet access to your choice of sites or applications. This helps in restricting the user profile accessing internet. This ensures enhanced security and reduces chances of privacy theft and data piracy.
To summarize, relying only on passwords for verification of users is no longer a secured alternative. Many different smart security alternatives like OTP, biometrics, smart cards, etc. can help you to keep your mobile apps and devices safe.