It might be a chore to keep track of your passwords online. It is time-consuming and inconvenient to create long and complicated ones to deter hackers, especially if you have a lot of online accounts. Yet it is indispensable, given the ever-increasing cyber breaches around the world.
How cool would a future be where no one cares about hackers or data security, because passwords are no longer needed?
The good news is that many tech giants are working hard to make this vision a reality. Apple, Google and Microsoft I am among those who are trying to pave the way for you.
A world without a password
Fantastic! So there will be no need to remember endless words to verify identity, right? RIGHT? Let's go step by step.
In theory, removing passwords from the cybersecurity equation eliminates the weakest link in cybersecurity. According to Verizon, more than 80% of data breaches come from weak or stolen passwords.
The shot of the starter was given by Microsoft
In September the company of Bill Gates announced which would give users passwordless access to services like Windows, Xbox and Microsoft 365. Instead of apps like Windows Hello e Microsoft Authenticator that use fingerprints and facial recognition to log in.
Everything solved? Not yet. Joy Chik, Microsoft's vice president of authentication, says in a corporate blog post that tools like two-factor authentication have helped improve user security in recent years, but hackers can still get around these measures. "As long as passwords are still part of the equation," writes Chik, "users are vulnerable." He is right.
The other Big anti password
Google has had physical security keys for a while and an app, Smart Lock, which allows you to authenticate by pressing a link on your smartphone. In May 2021, the company confirmed that these tools are part of Google's work to "create a future where one day there will be no need for a password."
And Apple? In Cupertino they use functions touch ID e Face ID for several years. The company is also developing its own Passkeys function to bring the same facial or fingerprint recognition tools to create passwordless logins on their computers as well.
In short, will this future be there or not?
In a way, this passwordless future is already here. Microsoft says that “Almost 100%” of its employees already access their company accounts without passwords. But getting every company to do this is sure to take some time - it may take a while for everyone to feel confident enough to put them aside.
Also because there are still at least three major risks.
First: it is relatively easy for hackers to intercept verification codes sent by email or SMS. Even worse, hackers have shown themselves capable of fooling even facial recognition and fingerprints, sometimes stealing biometric data.
According to: some of today's passwordless options still ask you to create a PIN or security questions. Basically it is still a question of passwords: we definitely need to perfect the technology.
Third: there is a problem of widespread adoption. Most passwordless functions require the use of a smartphone or other modern gadget. They are devices that vary a lot. And that's not all: what about those who (it seems incredible, but there are) who don't have a smartphone? In Italy alone there are 11 million.
It will probably still take some time before passwords are completely extinguished. Be patient and train your mind: you will have to imagine long and complex sentences for a long time to come.