Portland, Oregon 2021-07-24 00:40:25 –
ST. Louis (KTVI) – Do you hate trying to keep track of all your passwords? They may one day be a thing of the past.
With advances in biometrics, multi-factor authentication (MFA), and other technological advances, they are becoming increasingly obsolete.
Scott Schaffer, Chief Information Security Officer at Blade Technologies, explained that in the late 1990s and early 2000s, only 6-8 character passwords were needed to protect the system. He said it could take years to crack a password of that length.
Currently, there are more powerful computers and more sophisticated algorithms that can crack 8-character passwords in less than 3 hours.
Schaffer recently said he advised clients to use password managers and set long and unique passwords for each website. But he said a more powerful computer just around the corner wasn’t enough for a 12-15 character password.
So what does a passwordless world look like?
Schaffer represents the future of version 2 of the FIDO (Fast Identity Online), or FIDO2.
This technology allows individuals to authenticate users using digital unlocking systems such as Face ID and Touch ID on smartphones, device voice and PINs. This framework works on Windows, Mac and Android. This only needs to be done once.
Once the device is authenticated, the private cryptographic key stored in the machine’s Trusted Platform Module (TPM) is “handshaked” with the public cryptographic key used by the website or application.
According to Schaffer, the technology will allow users to log in to the site using their smartphones or security key devices and trade without entering a password because it doesn’t exist.
“If you know that all the big ransomware and big email spoofing are always tracking someone’s password,” he said. “That means if you don’t have a password, that means you can give it up.”
The TPM is the physical chip on the device’s main board. The TPM chip cannot be modified and cannot be accessed from outside the on-board device. This means that you will be protected if the tip is pried open.
All the major players in the tech industry have signed this concept, but the transition to a passwordless future doesn’t happen overnight.
But Schaffer said it wasn’t about whether it would come, but when it would come.
“Obviously, the quicker you can get rid of your password, the better it will be for all of us,” he said.
A future without passwords may be closer than you think Source link A future without passwords may be closer than you think