The use of eye scanners, veins, and heartbeats in place of passwords may seem ultra futuristic, but security experts say it’s not far from going mainstream.
The online security industry is booming as fraudsters become even more skillful at hacking login credentials.
A key problem when it comes to password integrity is that users use the same basic passwords across many accounts. For example, “password”, “123456” and “qwerty” continue to be the most common, research by online security firm SplashData found.
These findings are similar to previous research by computer security consultant Mark Burnett, who analysed 6,000,000 unique username/password combinations that have been leaked on to the internet following hacking attempts.
Andrew Clouston, founder and CEO of personal profile manager app MOGOplus said if you’re not using unique, strong passwords for each website you log into you’re asking to be defrauded. “Strong passwords are at least 12 characters in length and contain a mix of letters, numbers and symbols preferably in both upper and lower case,” Clouston said.
He added that one of the biggest trends of the recent Consumer Electronics Show in Las Vegas in January was the effort to kill the password. Innovations on display included:
- Fujitsu PulseWallet which identifies you by scanning the unique pattern of veins on your hand;
- Bionym lets you use your heartbeat as a password; and
- EyeLock iris scanning software that recognises users by their eyes.
“The heartbeat, vein and eye scanner tech from CES coupled with what we’re already seeing with the iPhone fingerprint sensor shows that the humble password’s days are numbered,” Clouston said.
An industry working group dubbed FIDO, which includes representatives from Google, PayPal, Microsoft and MasterCard among others, is working to develop new standards for authentication that do not use traditional passwords.