Passwords under threat as tech giants seek tougher security / Photo: Chris Delmas - AFP/File
-
Right wing urges boycott of iconic Brazilian flip-flops
-
From misfits to MAGA: Nicki Minaj's political whiplash
-
Foster grabs South Africa winner against Angola in AFCON
-
Russia pledges 'full support' for Venezuela against US 'hostilities'
-
Spotify says piracy activists hacked its music catalogue
-
Winter Olympics organisers resolve snow problem at ski site
-
Fuming Denmark summons US ambassador over Greenland envoy
-
UK's street artist Banksy unveils latest mural in London
-
Rugby players lose order challenge in brain injury claim
-
UK singer Chris Rea dies at 74, days before Christmas
-
Last of kidnapped Nigerian pupils handed over, government says
-
Zambia strike late to hold Mali in AFCON opener
-
Outcry follows CBS pulling program on prison key to Trump deportations
-
Sri Lanka cyclone caused $4.1 bn damage: World Bank
-
Billionaire Ellison offers personal guarantee for son's bid for Warner Bros
-
Tech stocks lead Wall Street higher, gold hits fresh record
-
Telefonica to shed around 5,500 jobs in Spain
-
McCullum wants to stay as England coach despite Ashes drubbing
-
EU slams China dairy duties as 'unjustified'
-
Italy fines Apple nearly 100 mn euros over app privacy feature
-
America's Cup switches to two-year cycle
-
Jesus could start for Arsenal in League Cup, says Arteta
-
EU to probe Czech aid for two nuclear units
-
Strauss says sacking Stokes and McCullum will not solve England's Ashes woes
-
Noel takes narrow lead after Alta Badia slalom first run
-
Stocks diverge as rate hopes rise, AI fears ease
-
Man City players face Christmas weigh-in as Guardiola issues 'fatty' warning
-
German Christmas markets hit by flood of fake news
-
Liverpool fear Isak has broken leg: reports
-
West Indies captain says he 'let the team down' in New Zealand Tests
-
Thailand says Cambodia agrees to border talks after ASEAN meet
-
Alleged Bondi shooters conducted 'tactical' training in countryside, Australian police say
-
Swiss court to hear landmark climate case against cement giant
-
Knicks' Brunson scores 47, Bulls edge Hawks epic
-
Global nuclear arms control under pressure in 2026
-
Asian markets rally with Wall St as rate hopes rise, AI fears ease
-
Jailed Malaysian ex-PM Najib loses bid for house arrest
-
Banned film exposes Hong Kong's censorship trend, director says
-
Duffy, Patel force West Indies collapse as NZ close in on Test series win
-
Australian state pushes tough gun laws, 'terror symbols' ban after shooting
-
A night out on the town during Nigeria's 'Detty December'
-
US in 'pursuit' of third oil tanker in Caribbean: official
-
CO2 soon to be buried under North Sea oil platform
-
Steelers edge Lions as Bears, 49ers reach playoffs
-
India's Bollywood counts costs as star fees squeeze profits
-
McCullum admits errors in Ashes preparations as England look to salvage pride
-
Pets, pedis and peppermints: When the diva is a donkey
-
'A den of bandits': Rwanda closes thousands of evangelical churches
-
Southeast Asia bloc meets to press Thailand, Cambodia on truce
-
As US battles China on AI, some companies choose Chinese
NYSE - LSE
| SCS | 0.12% | 16.14 | $ | |
| RYCEF | -0.71% | 15.5 | $ | |
| RBGPF | 0.96% | 81 | $ | |
| VOD | 0.16% | 12.86 | $ | |
| CMSD | -0.22% | 23.2 | $ | |
| CMSC | 0.34% | 23.25 | $ | |
| NGG | 0.16% | 76.235 | $ | |
| RELX | 0.57% | 40.963 | $ | |
| BCE | -1.22% | 22.565 | $ | |
| RIO | 2.29% | 80.155 | $ | |
| BTI | 0.27% | 56.6 | $ | |
| GSK | -0.09% | 48.565 | $ | |
| AZN | 0.11% | 91.465 | $ | |
| JRI | -0.08% | 13.369 | $ | |
| BCC | -0.88% | 74.115 | $ | |
| BP | 0.83% | 34.225 | $ |
Passwords under threat as tech giants seek tougher security
Fingerprints, access keys and facial recognition are putting a new squeeze on passwords as the traditional computer security method -- but also running into public hesitancy.
"The password era is ending," two senior figures at Microsoft wrote in a July blog post.
The tech giant has been building "more secure" alternatives to log in for years -- and has since May been offering them by default to new users.
Many other online services -- such as artificial intelligence giant OpenAI's ChatGPT chatbot -- require steps like entering a numerical code emailed to a user's known address before granting access to potentially sensitive data.
"Passwords are often weak and people re-use them" across different online services, said Benoit Grunemwald, a cybersecurity expert with Eset.
Sophisticated attackers can crack a word of eight characters or fewer within minutes or even seconds, he pointed out.
And passwords are often the prize booty in data leaks from online platforms, in cases where "they are improperly stored by the people supposed to protect them and keep them safe," Grunemwald said.
One massive database of around 16 billion login credentials amassed from hacked files was discovered in June by researchers from media outlet Cybernews.
The pressure on passwords has tech giants rushing to find safter alternatives.
- Tricky switchover -
One group, the Fast Identity Online Alliance (FIDO) brings together heavyweights including Google, Microsoft, Apple, Amazon and TikTok.
The companies have been working on creating and popularising password-free login methods, especially promoting the use of so-called access keys.
These use a separate device like a smartphone to authorise logins, relying on a pin code or biometric input such as a fingerprint reader or face recognition instead of a password.
Troy Hunt, whose website Have I Been Pwned allows people to check whether their login details have been leaked online, says the new systems have big advantages.
"With passkeys, you cannot accidentally give your passkey to a phishing site" -- a page that mimics the appearance of a provider such as an employer or bank to dupe people into entering their login details -- he said.
But the Australian cybersecurity expert recalled that the last rites have been read for passwords many times before.
"Ten years ago we had the same question... the reality is that we have more passwords now than we ever did before," Hunt said.
Although many large platforms are stepping up login security, large numbers of sites still use simple usernames and passwords as credentials.
The transition to an unfamiliar system can also be confusing for users.
Passkeys have to be set up on a device before they can be used to log in.
Restoring them if a PIN code is forgotten or trusted smartphone lost or stolen is also more complicated than a familiar password reset procedure.
"The thing that passwords have going for them, and the reason that we still have them, is that everybody knows how to use them," Hunt said.
Ultimately the human factor will remain at the heart of computer security, Eset's Grunemwald said.
"People will have to take good care of security on their smartphone and devices, because they'll be the things most targeted" in future, he warned.
L.Mason--AMWN