It’s clear to see that the internet landscape is ever changing. We see news story after news story of accounts and businesses that have fallen victim to hacks and malicious users accessing private data for ulterior motives. In order to better combat these attacks, the minds at Google have been hard at work formulating new ways that people will access information that has previously required a password to access. We’re becoming intimately familiar with the consequences of your medical history, social media information, or other seemingly innocuous information falling into the wrong hands, leading to rampant identity theft.
While Google is strictly looking at ways to better protect email accounts, the question begins to be raised if other password protected profiles and documents need the same overhaul. Back in 2012, technology guru Mat Honan stated in Wired magazine that our reliance on the password to protect our information is soon coming to an end. While his statements might have been a little too grandiose, he was on the right track.
As it stands now, we have already seen a decline in the use of passwords as the sole protection over an account. It is not uncommon for many online banking sites to require several authentication methods such as passwords, security questions and dates of birth in order to confirm your identity.
Depending on the online service that you are using, steps that reach even further beyond multiple questions might already be in play. For some, other layers of authentication come from their mobile devices, which works through a secure server and a messaging program such as a text service or email. When an account is needed to be accessed, a message will be relayed to the home server. This home server will then shoot out a unique access code to the user’s mobile device that once entered into the program, will allow them entry.
Thinking Outside of Software
While mobile authentication is certainly one direction things could go, there is a wide variety of other options that have become available as more technological feats are accomplished. One such security measure that has been speculated is the use of computer recognition, or what some are calling the “browser fingerprint”. We are not talking about facial scanning or physical fingerprinting (although that could be an option as well, which modern laptops and phones use) research that is being done in this area is more focused on user behavior that is consistent with the owner’s browsing and internet habits. If information is trying to be accessed from a location that is not on par with what is normal, the account would lock that user out and send an alert to the rightful owner. However, this fingerprinting technology is currently being used for online tracking by advertisers, which is honestly a bit creepy from a privacy perspective.
Another option that is in line with the minds at Google is something that is more tangible to the user. This line of thinking shows things like a small keychain curio or dog-tag type medal that would be scanned to a machine in order to validate that the correct user is accessing the information that is meant for them. Things like these existed for a long time within hotels and resorts, who have been capitalizing for years with key-less entry systems to guest’s rooms. Google’s current physical password “Security Key” is a USB dongle that serves as a physical 2nd step of authentication, which would serve as a neat alternative for those that would worry about their phones being compromised, whether through theft or if the company you work for owns your phone and requires you to get a new one.
Whichever the future holds, it’s clear that the password will not be eradicated completely. All of these authentication systems still rely on some sort of password entry, how exactly this is going to be done however is still as elusive as a locked chest behind a closed door.