Today is World Password Day but a range of alternative authentication methods is challenging passwords so that within the foreseeable future the day of awareness could become obsolete.

Biometrics  and cell phones are important to this replacement, with ongoing trials of how effective they might be. There is a flurry of activity in these areas to do away with passwords:

• The Samsung Galaxy S8 phone has an upgraded retinal scanner that can be used to unlock the phone, but that could be used as a second factor in authenticating to any number of online services. The phones also feature the more common fingerprint scanner.
• Rumors have LG adding facial recognition software to their LG G6 phones that could be used in a similar manner.
• Also, Alabama’s revenue department is trialing a face-recognition app from MorphoTrust that uses iPhones to scan taxpayers’ drivers licenses and to scan their face. The backend verifies the identity of the taxpayer by comparing the license image and uses that to authenticate the person filing an electronic return.
• Phones are also used to receive texts of one-time passwords, which does involve a password, but not one the user generates or changes at some point or has to remember for more than a second or two.
• Microsoft’s Hello enables Windows 10 users to login via facial recognition that employs an infrared camera and by scanning fingerprints. A patent application from the company indicates it’s looking at pairing a touchscreen stylus with gestures made on the screen to authenticate. 

Microsoft is putting a new spin on this with its Microsoft Authenticator service. Users try to login to their Microsoft accounts and receive texts on their phones asking whether it’s really them trying to access the account. They tap the “approve” button and are authenticated without a password. It’s only good for logging into Microsoft accounts.

To read this article in full or to leave a comment, please click here