Pay your bills online? Password. Amazon Prime shopper? Password. Need to login into your Instagram? Password.
Every account we use online requires a password, and the risks associated with weak or compromised passwords have become astronomical. Biometric technology has been touted as a brave new solution to this problem, but can biometrics alone provide any more security than passwords? Corey Nachreiner, Chief Technology Officer at WatchGuard shared his thoughts on this subject and the importance of multifactor authentication (MFA) in a recent a Dark Reading article:
“Our trust in authentication systems has eroded of late, largely because of the seemingly endless torrent of massive credential leaks from well-known Web service providers. For example, in mid-November we learned attackers accessed around 330 million AdultFriendFinder accounts, including plaintext and hashed passwords. Researchers have already cracked 99.3% of those passwords. This deluge of credential leaks has caused the security industry to re-examine our authentication systems, and especially our reliance on passwords.
I don’t think passwords are the problem. Instead, I believe no authentication token is infallible. The only real solution to this problem is multifactor authentication (MFA). Right now, we use biometrics as a single token replacement for passwords. We need to use biometrics as one of at least two tokens.”
For more on this topic, read Biometric Technology Is Not A Cure-All For Password Woes in full on Dark Reading.