As passwords keep getting longer with stricter requirements (“your password must contain a minimum of 14 characters, a lower case letter, an upper case letter, a number, a punctuation mark, and a hieroglyph”) I can’t help but think “surely, there’s got to be an easier way!”
Ideally, each account should have a different password, and that password should change every few months (we’ve covered how to pick a password on the iiNet blog previously, as well as how long your password would take to hack).
There are a lot of options on the horizon to improve or even replace passwords. Over the next few years we’re going to see the existing technologies refined and new ideas cropping up. In fact, we’ve recently been evaluating a new Call Centre innovation to enhance security for our customers.
In true geek-style, we’re looking at voice recognition for customers. This will increase account security and we won’t have to play 20 questions with our customers every time they call. Because let’s face it – that game gets old fast!
So how exactly does voice recognition work? If you choose to enrol in the voice ID-check, we’ll ask you to repeat a phrase and this recording will become your “voice-print”. It’s like a fingerprint of your voice using unique characteristics to match the voice-print to the caller. The technology is so smart it can verify your identity by voice match even if you have a cold or if you’re standing in the middle of noisy Flinders St train station. Now that’s pretty cool.
But what will passwords of the future look like? Here are some alternatives that could make all our lives easier.
Physical security devices
Chinese company Geak has already designed a ring that will unlock your smartphone, simply by picking it up while you wear the ring.
An increasing number of banks now offer “security tokens” to use with online banking – either as a physical piece of hardware, or through a smartphone app. My own bank uses the app version – each time I make a transaction through my internet banking, I open up the app which has been linked to my account with its own identification number, and it generates a one-time code that works for thirty seconds. Without a token code, no money can be transferred out of my account, keeping my account secure.
Password in a pill? Or electronic tattoo?
Regina Dugan, head of research for Motorola, has unveiled a “password pill,” powered by stomach acid. When the “authentication vitamin” is swallowed, the acid in your stomach activates a miniscule chip, which emits an authentication signal that can be used in place of a password.
Motorola has also shown off an “electronic tattoo” (more like a sticker than the traditional ink tattoo) which includes sensors and an antenna to detect your devices send a signal to them in place of a password.
Biometrics – using our unique features
Back in 2004, IBM introduced fingerprint readers into laptops. I remember when my mum first got a laptop with a fingerprint reader – it felt like the future had arrived. It seemed like something straight out of a sci-fi movie. She never ended up using it and I don’t recall a lot of other people who did either. But biometrics is an interesting area that holds a lot of potential.
Some Android phones already offer face recognition as a method of unlocking, and it’s rumoured that Apple is looking into similar technology. Voice recognition is also an interesting idea – a passphrase or sentence can be spoken using a computer microphone for online authentication or over the phone as part of an IVR.
Two-factor authentication is becoming increasingly popular – Google, Twitter and Facebook now all offer it. The standard password still exists, but you can add a second layer of security as a backup if your password is ever compromised. If an unknown browser tries to access my Facebook account, for example, a page is presented asking for a randomly generated code, which has been sent to my phone via a text message. They can’t get in without physical access to my mobile phone, and I can immediately change my password.
What would be the ideal password replacement for you?