Passwords under threat as tech giants seek tougher security / Photo: Chris Delmas - AFP/File
-
Stocks, gold steady amid political upheaval
-
'Veggie burgers' face grilling in EU parliament
-
Trio wins physics Nobel for quantum mechanical tunnelling
-
Two years after Hamas attack, Israelis mourn at Nova massacre site
-
German factory orders drop in new blow to Merz
-
Man City star Stones considered retiring after injury woes
-
Kane could extend Bayern stay as interest in Premier League cools
-
Renewables overtake coal but growth slows: reports
-
OpenAI's Fidji Simo says AI investment frenzy 'new normal,' not bubble
-
Extreme rains hit India's premier Darjeeling tea estates
-
Raducanu retires from opening match in Wuhan heat with dizziness
-
UK's Starmer condemns pro-Palestinian protests on Oct 7 anniversary
-
Tokyo stocks hit new record as markets extend global rally
-
Japan's Takaichi eyes expanding coalition, reports say
-
Canadian PM to visit White House to talk tariffs
-
Indonesia school collapse toll hits 67 as search ends
-
Dodgers hold off Phillies, Brewers on the brink
-
Lawrence sparks Jaguars over Chiefs in NFL thriller
-
EU channels Trump with tariffs to shield steel sector
-
Labuschagne out as Renshaw returns to Australia squad for India ODIs
-
Open AI's Fidji Simo says AI investment frenzy 'new normal,' not bubble
-
Tokyo stocks hit new record as Asian markets extend global rally
-
Computer advances and 'invisibility cloak' vie for physics Nobel
-
Nobel literature buzz tips Swiss postmodernist, Australians for prize
-
Dodgers hold off Phillies to win MLB playoff thriller
-
China exiles in Thailand lose hope, fearing Beijing's long reach
-
Israel marks October 7 anniversary as talks held to end Gaza war
-
Indians lead drop in US university visas
-
Colombia's armed groups 'expanding,' warns watchdog
-
Shhhh! California bans noisy TV commercials
-
Greene Concepts Calls for Action on U.S. Water Insecurity Highlighted by L.A. Times
-
Telomir Pharmaceuticals Announces New Findings in a Prostate Cancer Model Demonstrating Telomir-1 Also Resets DNA Methylation of Tumor Suppressor Genes Implicated in Two of the Most Persistent Challenges in Oncology-Metastasis and Treatment Resistance
-
Medicus Pharma Ltd. to Present at the Family Office Summit in Dubai, UAE
-
Capstone Accelerates Path to $100M Run-Rate; Signs LOI to Acquire $15M Stone Distributor-Immediately Accretive
-
Intrusion Inc. Launches Shield Cloud Availability in AWS Marketplace
-
Nextech3D.ai Expands Blockchain Ticketing Strategy With Acquisition of EventToken.com, EventDrop.io, and NextechTickets.com, Raises $595,000
-
E-Cite Motors Eliminates Additional 671,000 Shares Through Debt Reduction, Continuing Aggressive Efforts to Minimize Dilution and Build Shareholder Value
-
McFarlane Issues NI 43-101 Mineral Resource Estimate on Its Juby Gold Project
-
Desert Oasis Healthcare Recognizes American Pharmacists Month
-
EMCORE Reintroduces the Industry-Favorite DSP-1750 Fiber Optic Gyroscope with Next-Generation Performance and Design
-
Ur-Energy Participates in TD Cowen's 10th Annual Nuclear Fuel Cycle and Next Generation Nuclear Roundtable
-
The 7 Virtues Launches Buttercream Haze, The Rebel Gourmand
-
Las Vegas, Are You Ready for the Hoedown of the Year?
-
Star Copper Phase 2 Drilling Continues to De-Risk and Expand Footprint to West and North at Star Main System
-
Sales of Licensed Branded Consumer Products Grow 3.4% to Reach $79.3 Billion in Europe, Outpacing Inflation
-
Tocvan Announces Initial Findings From Drone Magnetic Survey At Gran Pilar Gold-Silver Project: Discovery Of Structural Complex In South Block Aligns With Permitted Drill Targets
-
LIRG(TM) Appoints Kurt Dinkelacker as Chief Financial Officer
-
HotelRunner and Visa Partner Globally to Power Embedded and Autonomous Finance in Travel
-
IXOPAY Acquires Congrify, Bringing AI-Powered Insights to Global Payment Orchestration, Tokenization and Compliance
-
Trump 'happy' to work with Democrats on health care, if shutdown ends
NYSE - LSE
Passwords under threat as tech giants seek tougher security
Fingerprints, access keys and facial recognition are putting a new squeeze on passwords as the traditional computer security method -- but also running into public hesitancy.
"The password era is ending," two senior figures at Microsoft wrote in a July blog post.
The tech giant has been building "more secure" alternatives to log in for years -- and has since May been offering them by default to new users.
Many other online services -- such as artificial intelligence giant OpenAI's ChatGPT chatbot -- require steps like entering a numerical code emailed to a user's known address before granting access to potentially sensitive data.
"Passwords are often weak and people re-use them" across different online services, said Benoit Grunemwald, a cybersecurity expert with Eset.
Sophisticated attackers can crack a word of eight characters or fewer within minutes or even seconds, he pointed out.
And passwords are often the prize booty in data leaks from online platforms, in cases where "they are improperly stored by the people supposed to protect them and keep them safe," Grunemwald said.
One massive database of around 16 billion login credentials amassed from hacked files was discovered in June by researchers from media outlet Cybernews.
The pressure on passwords has tech giants rushing to find safter alternatives.
- Tricky switchover -
One group, the Fast Identity Online Alliance (FIDO) brings together heavyweights including Google, Microsoft, Apple, Amazon and TikTok.
The companies have been working on creating and popularising password-free login methods, especially promoting the use of so-called access keys.
These use a separate device like a smartphone to authorise logins, relying on a pin code or biometric input such as a fingerprint reader or face recognition instead of a password.
Troy Hunt, whose website Have I Been Pwned allows people to check whether their login details have been leaked online, says the new systems have big advantages.
"With passkeys, you cannot accidentally give your passkey to a phishing site" -- a page that mimics the appearance of a provider such as an employer or bank to dupe people into entering their login details -- he said.
But the Australian cybersecurity expert recalled that the last rites have been read for passwords many times before.
"Ten years ago we had the same question... the reality is that we have more passwords now than we ever did before," Hunt said.
Although many large platforms are stepping up login security, large numbers of sites still use simple usernames and passwords as credentials.
The transition to an unfamiliar system can also be confusing for users.
Passkeys have to be set up on a device before they can be used to log in.
Restoring them if a PIN code is forgotten or trusted smartphone lost or stolen is also more complicated than a familiar password reset procedure.
"The thing that passwords have going for them, and the reason that we still have them, is that everybody knows how to use them," Hunt said.
Ultimately the human factor will remain at the heart of computer security, Eset's Grunemwald said.
"People will have to take good care of security on their smartphone and devices, because they'll be the things most targeted" in future, he warned.
L.Mason--AMWN