Alternatives to the Password

Most of us know how difficult it can be to remember all of the passwords for all of the different web sites, operating systems, programs, etc. There are programs that will store your usernames and passwords for you so that you don’t have to write them down or memorize them. Currently, I have 90 entries in my password keeper on my phone. But how secure is this program? What if someone hacks into this app? Then they have ALL of my passwords. It’s scary to think about what would happen if someone got hold of my phone and hacked it.
The next wave in computer security will be biometric authentication. We all know that the fingerprint is being used for security (e.g. the iPhone 5S). But there are more biometric authentication identifiers on the way. For one, your heartbeat has electrical signals that are hard to duplicate. Devices like the Fitbit are already on the market, and they detect a person’s heart rhythm. Other personal identifiers include ear shape, the way you walk, and face recognition.
While biometric security seems to be more convenient than memorizing a slew of passwords, there are some negative known, and unknown, consequences. For example, if you use a fingerprint to access some information, you run the risk of someone obtaining this print by means that are not necessarily just invasive to your privacy. According to Wikipedia, “in 2005, Malaysian car thieves cut off the finger of a Mercedes-Benz S-Class owner when attempting to steal the car.”
With any new technology, we need to be prepared for the consequences that we are aware of as well as those that are unanticipated.

7 Responses to Alternatives to the Password

  1. Michael Hammons

    Not having to remember the many different passwords I have sounds like the ultimate convenience. Especially since many sites, like Carmen, force you to change your password every so often. I constantly find myself trying about 3 or 4 passwords for every site until one works. It would be so much more convenient to just scan my finger or face and be able to have access to whatever I’m trying to log into.

    One of the main points in our class is unpredictability. I think many innovations in technology have a lot of unforeseen consequences and biometric authentication is no exception. One major aspect of this type of authentication that people don’t realize is the ways other people can gain access using your biometrics. Like in the original post where car thieves cut off a finger to gain access to a fingerprint reader. I think it would be a lot harder for someone to steal a password out of your brain then it would be for someone to chop off your finger.

    Another problem people often do not realize is the way government can force you to grant them access through biometrics when they normally would not be able to if a normal password was used. Wired.com talks about how the government can use biometrics to get around the fifth amendment. Basically, the government cannot force you to tell them any passwords you have because it could lead to self-incrimination. But, if you use a finger scanner to access this the government is free to collect your fingerprint and gain access that way. Shows that people really need to think about what they are using and how it can affect them.

  2. I definitely agree with both of you when you say that you have a ton of passwords. I do also type in 4 different passwords before I get it correct on all of the things I have to log into. I also have the iPhone 5S and use the finger scanner. Biometrics definitely increase convenience and efficiency. By the time I take out my phone from my pocket its already unlocked. I don’t have to waste time looking at my phone to ever get into it and I still know its securely locked. I never used to lock my phone before I got my 5S but since I got it, its still basically like I don’t have it locked.

    Even though I really do enjoy the easy access of my locked device I do realize that somewhere my fingerprint(s) are stored. Apple could always say that they don’t have it kept, but there has probably been a case somewhere where a company has said they don’t keep certain records, but end up producing it in court or something like that. Thats pretty much my only fear with biometrics.

    I do think the fact that things like passbook, or password keepers exist is pretty counter intuitive. If you forget your password to your passbook, then you are completely screwed, if someone somehow gets into it, you are completely screwed. It also must store these passwords somewhere, be it locally or on a server somewhere, you could be in jeopardy of having the company that produced that app, or item, to be able to look into it.

  3. Edillower Wang

    It seems like everyone has problem on tons of passwords. My passwords are different combination of several elements (such as names, numbers that are significant for me). My mother’s passwords are always the same thing plus the name of the website.

    The loss of your biometric identity, such as the finger cut off case you mentioned, involve three things. A) The accessibility after the loss of identity. B) The property safety. C) One’s own personal safety.

    I think the first concern has no difference to the loss of your password. It always has a secondary method to deal with the loss of password or biometric identity. It may have security question or email address to get your password back, and you can still use password to unlock iPhone 5s.

    As for the second concern and third concern, I’d like to discuss it together. Michael said, “it would be a lot harder for someone to steal a password out of your brain then it would be for someone to chop off your finger.” I don’t totally agree with him. I think the personal safety and property safety relates to how we use the biometric identity and we use it to secure what kind of things. The more valuable the property is the more risk the person has to be injured, but the injure itself increase the difficulty of stolen. Injures involved in more serious offenses by law, which may change the minds of the criminal in some cases. Some criminal may hack your computer to steal your email account (needn’t hack your brain), but I think they might not going to cut off your finger if your email account is protected by your fingerprints because the cost and law. By the way, there’s a more easier way than cut off one’s finger. This website has a method to fake a fingerprint, but it still too complicated and expensive way for a criminal to steal your email that may not very valuable and profitable for them. Also, this method or just the method about just cut off one’s finger doesn’t mean fingerprints are not safety to protect other valuable things. Only use fingerprints to secure the nuclear briefcase is definitely a stupid thing, but fingerprints could be an additional layer of security.

    In conclusion, there is no absolute security only relative security. Biometric authentication do has some detects, but traditional code and password are not exceptions. Also, single use of biometric authentication is more convenient and safer than single use of passwords in some cases. If the computer of OSU engineering department use fingerprints as login identity, I bet no one would like to cut off my finger or fake my fingerprints to steal my homework (if they are not crazy). Also, I needn’t to remember one more password every 90 days. (If the engineering department will ask to change fingerprint every 90 days, never mind what I said ☹)

  4. I think it is a good thing that we are expanding our possible security solutions. Both biometric measures and passwords have their ups and downs. Biometric verification like the fingerprint are very convenient and easier to use than remembering several passwords. However, it has its drawbacks like any other method.

    My biggest concern with biometric security is that it seems to me that it would invite the possibility of physical harm to a user. For example, a user could be kidnapped if the “hackers” needed the user to get through a retina scanner or for a fingerprint scanner. This would be a lot worse than a password just being hacked anonymously over the web.
    In some cases, fingerprints can be lifted off of everyday objects.

    In the end, fingerprints just offer an alternative to traditional methods. I think that if a user or company is trying to secure something, they should use both biometrics and passwords. For places that require passwords to be reset every set number of days, fingerprints could be really handy in that they wouldn’t have to be reset. Then the user wont have to create/remember another password and it could be more efficient in that there doesn’t need to be a program to add the new password to the database.

  5. Exactly, the changing and manage of passwords, Biometric authentification, and other more, all came up when people trying to deal with the consequences of technological change, which are never predictable. Besides this, technological advances in material sciences are likely to have serious consequences for developing countries and undeveloped countries, because of the substitution of minerals and other natural resources. New and renewable sources of energy can pose serious problems for oil-producing countries. Some of the materials being discovered are likely to have some impact on photovoltaic cells. In that case, the possibility of an economic and inexhaustible supply of solar energy can no longer be dismissed as an unrealisable dream. The new biotechnologies are transforming farming systems, and, before long, equivalents of many of the tropical products which are now exported to countries such as Japan, the US, Canada and Europe could be growable in those societies…Biotechnology could have unforeseeable economic impacts and far-reaching social repercussions. But whatever the consequences are, lets not take every technological stuff as evil or expect it to be just like a heaven as some people affirm to have technology’s a blessing and a curse. Like anything, moderation is the key, but how could you moderate when life push where you have to get and do more? Let’s work to keep it positive and make the technology work for you, not the other way around.

  6. I believe that new methods of authentication could be beneficial considering we would no longer have to remember the complicated and lengthy passwords that they make us use today. Even with systems like Ohio State uses we are required to change our passwords every ninety days for security reasons. But this system could also be flawed if someone has the means and technology to possibly hack into OSU’s network and obtain certain people’s passwords. At this point in time biometric authentication could be the next step in technological advancement. But I do not believe that it will be accepted easily at all. There are some people in this society that reject technology as it is, once it advances more and more people may reject it. There is also the problem to consider as that type of technology advances, is that the technology to access information will become more advanced. This could be potentially dangerous if it is all biometric because it has to do with the human body. Another problem could also be if information that is critical is at some point necessary for access by other people and the “password” belongs to someone who is deceased, then it may be extremely difficult or impossible to access after the fact. I believe that it could be an extremely effective method of maintaining privacy in your home but it would also cause more problems to arise that need to be addressed before people accept it as a go to type of security.

  7. To be honest, I find password highly annoying because they are very hard to standardize. For example, some websites/accounts will require you to use special characters, while others may forbid you from using special characters. More importantly, many accounts or websites will force you to change your password every once in a while, so it is absolutely impossible to standardize a password in most cases. This can lead to you having many different passwords, making it near impossible to remember them. Therefore, the only way to remember these passwords is to store them in a convenient place in the Cloud that you can access anytime, anywhere. For me, I use Google Keep to store all of my passwords because I can access them anytime on both my phone and on any PC with a web browser, but this is not very secure. The Chrome browser automatically logs you into Keep if you log into any Google service, so if I forget to log out of Chrome on a library computer, someone could easily get all of my passwords. To summarize, passwords are 1.) annoying and 2.) insecure.

    Biometric security is much more convenient for obvious reasons- you don’t have to remember to store every single new password and then find it in your password database every time you want to use it. You also won’t have to constantly change your passwords. All that has to be done is simply swiping a finger to looking at a display for facial recognition. Biometric security is also much more secure, because the only way to get one’s password is to physically scan one of your body parts, like the car thief example. While the example may be quite gruesome, the car thieves could also torture a victim until he reveals the password, which can be just as gruesome. As for obtaining a fingerprint without consent, this problem definitely is not specific to biometric security systems. An organization can get one’s password just as easily as a fingerprint. When you create a password, it is stored in the organization’s database, which is easily accessible by that organization. The government can also force that organization to give up your password. So to summarize, biometric security does indeed seem to be the next step, and I look forward to the day we can finally stop using passwords.