Improving security means killing the password, but that battle has just begun

Samsung Fingerprint Sensor Login Biometric

(in)Secure is a weekly column that dives into the rapidly escalating topic of cybersecurity.

Passwords are often cited as the biggest problem with modern digital security. They’re supposed to be complicated, unique, and ever changing, and yet few follow through with those tenets of strong password protections. That leads to reuse attacks or brute force hacks, which is why many security researchers are pushing to eliminate passwords altogether. Yet not everyone believes the security issue of our time is passwords. For some, it’s how those passwords are stored.

Want to stop hackers? Don’t give them something to hack

George Avetisov, the CEO of Hypr, believes the biggest problem facing modern digital security is password centralization. He points out that a secure password is pointless if it can be stolen when a company that maintains login information is hacked. Instead, Hypr wants to store login credentials – whatever they are – on the end user’s device.

When your bank gets hacked, you don’t lose your house keys because they’re in your pocket.

“When you authenticate through Hypr, your credentials are authenticated on your device locally and they are used to send a token to the bank, which is then approved,” he explained.

That, he says, makes companies far less attractive to hackers, as they can’t gain information on all users at the same time. It also clears up the problem of password reuse, since hackers can’t take stolen credentials and use them to breach another service.

“The analogy I like to think of is that when your bank gets hacked, you don’t lose your house keys because they’re in your pocket,” Avetisov told Digital Trends. “The only way for someone to steal them is to physically remove them from your pocket. That’s what decentralization is. It turns your password, your credentials, into something more like your house keys and less like your current password.”

While Avetisov is bullish about the future of security through decentralization, he doesn’t believe the average consumer will ever learn to take password security seriously. That’s why it’s important for companies to do something about preventing password reuse by removing the ability to attack everyone at the same time. That doesn’t solve reuse itself but ensures reuse attacks can’t be perpetrated on a mass scale.

A world beyond passwords means a world of convenience

Companies like Trusona, on the other hand, would rather focus on moving people beyond passwords entirely. That seems like a viable goal: The public likes the idea of logging into sites and services without passwords. In a recent research report Trusona published, 70 percent of participants opted to use a password-free login system with multi-factor authentication. That group enjoyed a 99 percent login success rate during the study, while those who used passwords saw a success rate of just 56 percent – often requiring reminders to help them login.

Although a multi-factor authentication system is more secure, Trusona believes the choice is often one of convenience, which could be the key to moving to a more secure, password-free future.

“The most successful authentication systems lead with user experience, but as a means for better security.”

“There’s a very real desire to get rid of passwords,” Trusona chief design officer Kevin Goldman told Digital Trends. “While some of that is rooted in anxiety around the security of information online, it’s mostly because of password rage. Consumers default to convenience, and when things aren’t easy to use, they find a workaround. It’s why most reuse passwords and why personal security practices are so sloppy.”

While convenience might be the key to moving consumers beyond passwords, that goes hand in hand with improving the security of the authentication system, too.

“The most successful authentication systems lead with user experience, but as a means for better security,” Trusona CEO Ori Eisen said. “The most widely adopted authentication system [of the future] will be the one that’s easiest to use.”

Although Eisen told us he’s not as sold on the idea of decentralized login credentials aas Hypr’s Avetisov, they both agree smartphones will hold the key to future improvements in our digital security. Where Avetisov believes smartphones should hold login credentials – acting as a form of multi-factor authentication as well as killing centralized password databases – Eisen believes they can be used for a mixture of login possibilities. Whether it’s in taking a picture of yourself holding photo ID, as TruSona uses in some of its more intense fraud prevention strategies, or through biometrics.

The password is dead, but it’s collateral damage

Both men see passwords as a dying technology. While Avetisov sees potential in strong passwords, he and Eisen are both keenly aware of how unpopular password logins are becoming. “The mainstream adoption of biometrics is effectively killing passwords as a primary authenticator and as a user experience,” Avetisov said.

George Avetisov
George Avetisov, CEO of Hypr George Avetisov

Eisen echoed his sentiments, claiming that the death of the password as the primary form of authentication wasn’t “a matter of if, it’s a matter of when.” Whether for convenience sake or to further improve our own personal security, the influence of passwords is likely to wane significantly in the years to come. While Eisen wants to accelerate that, Avetisov sees it as a byproduct of authentication evolution.

“Our goal is not to kill the password,” Avetisov said. “It is to kill the problem caused by passwords.”

Updated 06/27/18 to normalize Trusona capitalization.

Mobile

Tech Armor says its new screen protector improves iPhone performance. We tested it

Tech Armor has a new screen protector for the iPhone, the Enhance, that can redirect harmful radiation, while improving cell signal and battery life. Skeptical? So were we, so we put it to the test.
Product Review

Stop stringing cords and replacing batteries with Ring's Spotlight Cam Solar

We like outdoor wireless cameras but dread the low-battery warning that inevitably comes with them. We tested the Ring Spotlight Cam Solar to see if it was the answer to our dead-battery prayers.
Gaming

Will Antonio Brown fall victim to the Madden Curse?

Join us as we take a tour through the long-running history of the Madden Curse -- and Tom Brady's recent accolades. We all know John Madden is a longtime NFL talent, but is he also an agent of dark forces?
Mobile

Samsung reportedly planning to retire Plus series after Galaxy S10 Plus

It may be no more than a sparkle in Samsung's eye, but the Samsung Galaxy S10 is definitely coming. Here's everything we know about what's sure to be Samsung's most amazing creation so far.
Photography

How Huawei and Leica made a camera phone so good, we ditched our DSLR

What makes the Leica-designed Huawei P20 Pro camera so good? We traveled to Leica’s HQ in Wetzlar, Germany to hear it from the source. In short, it took a lot of experience, technology, and passion.
Smart Home

The Brava Oven uses light – and seemingly magic – to cook. It changes everything.

The creators of the Brava Oven knew that there had to be a better, more efficient way of cooking, and they set out to find it. The Brava, which cooks with light, was born, and their invention will turn everything we know about cooking…
Mobile

Fuchsia could eventually replace Android, but it's years away from doing so

Details have emerged about a new operating system Google's developers are working on dubbed Fuchsia OS. Here's everything we know about Google's mysterious new operating system so far.
Mobile

How to improve your Android privacy

If you have an Android device and you’re concerned about your privacy, then we have a few tips for you. Learn about the settings you can change to improve your Android privacy and safeguard your personal data.
Social Media

What is Reddit? A beginner’s guide to the front page of the internet

So, what is Reddit exactly? Here, we breakdown the terminology, perks, and various inner workings of everyone's favorite social platform. Understanding the self-proclaimed "front page of the internet" has never been so easy.
Computing

Chrome is still our favorite browser (but Firefox is catching up!)

Choosing a web browser for surfing the web can be tough with all the great options you have out there. Here we pit the latest versions of Chrome, Opera, Firefox, Edge, and Vivaldi against one another to find the best browsers for most…
Movies & TV

First poster for 'Aquaman' accompanies news of when we'll see the first trailer

Jason Momoa will bring Aquaman back to the big screen for a solo feature in December 2018. Here's everything we know so far about the aquatic superhero's live-action adventure in the DC Extended Universe.
Gaming

The best PlayStation 4 games

Looking for the best PS4 games out there? Out of the massive crop of titles available, we selected the best you should buy. No matter what your genre of choice may be, there's something here for you.
Gaming

Want to play Minecraft with friends? Here's how to start your own server

Whether you're hosting a server for a few friends or launching a massive effort to recreate your favorite show's world, you've got options for hosting your own Minecraft Server.
Mobile

Apple's new quick-charging adapter may only be available with 2018 iPhones

Apple's 2018 iPhone range is still a mystery. How many models will launch? What will they be called, and how big will the screens be? Here are all the rumors and everything we know so far.
Deals

Beat the heat this summer with an affordable air conditioner

Summer is officially here, and now is the time time to shop for some deals on air conditioning units. We rounded up a selection of the best deals on cheap air conditioners and dehumidifiers going right now.
Home Theater

Are there reasons to own a projector when big TVs are so cheap? Glad you asked

Since no aspect of your home theater setup is more important than your display, we weigh in on the projectors vs. TVs debate. We've put together this comprehensive guide to help you find the right option for your lifestyle.
Computing

Microsoft stops a Russian attempt at hacking 2018 midterm elections

Microsoft discovered that the Russian GRU military intelligence agency attempted to hack the 2018 U.S. midterm elections using similar phishing tactics previously employed to hack the 2016 presidential election.
Web

Google, Microsoft, Twitter, and Facebook team up on new data transfer project

Some of the largest tech companies in the world have teamed up to make data portability a little easier. The initiative is called the Data Transfer Project, and the likes of Google, Twitter, Microsoft, and Facebook are all on board.
Product Review

The ZenBook S doesn't like to show off, but it's one of the best PCs you can buy

Asus has designed a little jewel of a notebook. It looks great, feels solid in the hand, and incorporates several thoughtful design touches that elevate it from pedestrian to premier.
Computing

These cheap laptops will make you wonder why anyone spends more

Looking for a budget notebook for school, work, or play? The best budget laptops - including our top pick, the Asus ZenBook UX330UA - will get the job done without digging too deep into your pockets.
Computing

Pay-n-pray cybersecurity isn’t working. What if we just paid when it works?

Companies and individuals sink loads of money into cybersecurity each year, and yet with each passing month, the situation seems to worsen. Area 1 Security has a new philosophy -- and it could totally change the game.
Computing

VR is in a tailspin, and the sales numbers prove it

VR is the future! Except if you look at the data. Sales of the biggest VR headsets, including the HTC Vive, PlayStation VR, and Oculus Go, are all declining. What does it mean for the state of VR, and where do we go from here?
Computing

The launch of the new MacBook Pro has been a complete disaster

Apple has flubbed what should've been a simple processor bump for the MacBook Pro. From issues with pricing and CPU throttling to the keyboard, the MacBook Pro is in an even worse position than before the update.