Can the password be counted as one of mankind’s greatest inventions? Passwords have been in use since ancient times as scriptures have found their use in Roman military. Technology has become cutting edge since then but the idea of the password has still remained same. And so has the ubiquity of its use (or rather increased).
Despite being such rudimentary things, passwords are critical to network security being the initiator of the authentication system in networks. But at the same time, passwords can also be first point of attack for infiltrators seeing that people often find it difficult to remember passwords and so use simple ones they can’t forget but again become susceptible to attackers. With the role technology plays in our lives, it is impossible for anyone to shut out the password. You’ve got to access some resource and you’ve got to have a password to do that.
Some may find it frustrating while others may see the marvel in it but attempts to replace the password are hardly finding any feet owing different factors. After single biometric based authentication systems like fingerprints, there are now further attempts in this direction most recently with the Google’s Project Abacus. Project Abacus aims to simply identify users by reading them and claims such a reading is uncrackable. Whether such an attempt to kill the password will succeed or not is yet to be seen but password fatigue does remain one of the key considerations for businesses. Volkswagen paid about €1 million in IT services each year to help employees retrieve forgotten passwords, reports said in early 2015. It is not just Volkswagen but it is enlightening to learn that it takes nothing to create a password but about $10 to $25 to in IT costs to retrieve a forgotten password. For employees, this is alright to some extent because the long term damages are minimal and they have nowhere to go. But for consumer-facing businesses, forgotten passwords could be devastating. More so, because it is estimated three out of four customers forget their passwords. And with such competition surrounding businesses, customers are not obliged to retrieve their passwords.
While you may not be able to completely eliminate the password unless you are Google or Microsoft, one of the best options is to get rid of a multiple password system for your customers Single Sign-On solutions. Most businesses these days have multiple applications that their customers need to log into for access. But using Single Sign-On (SSO), a single set of login credentials can be used by customers to sign into multiple applications at the same time without having to do so each time they open a different application within the same domain. Several vendors offer SSO applications but businesses should look for certain boxes SSO applications tick before you employ them. Single Sign-on implementations should allow for a unified profile management wherein changes in customer profile through one web application should immediately reflect across all the properties. Secondly, being consumer facing, your business requires an SSO implementation that allows for centralized tracking of customer activity across all of your applications resulting in centralized analytics for the entire domain. Lastly and importantly, SSO implementations should be scalable and friendly across mobile devices integrating with mobile apps as well.
Attempts are in full swing but passwords may not be gone, yet.