Driving the shift to a passwordless era

Driving the shift to a passwordless era

Your passwords need to be easy to remember, yet not get repeated too often on different websites. That makes no sense. Doesn’t that make them outdated? Atos and Google have a solution.

Data breaches are becoming business as usual. Facebook saw over 50 million of its accounts being compromised in 2018, and ‘Hotel Group Marriott’ suffered a data breach of over 500 million customers. Names, mailing addresses, phone numbers, and passport numbers were all accessed. One of the most common reasons for a data breach is phishing. This is a method where criminals often disguise themselves as a trustworthy entity to get access to your data. Passwords play a major role in this method. Time for a solution?

Password management

One of the options Google offers to prevent data breaches is password management. This means passwords can be made more unique as customers do not have to remember them anymore. Passwords can be stored in Google’s Cloud through for example your browser. The older versions of Google Chrome only required a one-time login to Chrome to access all your passwords, but that is nowadays different.

Recently, Google updated to Chrome 75 to improve password management security. From now on, you need to enter your Chrome login details every time you want to access all your passwords. A small step towards safer and more convenient data access. And there is more!

Two-factor authentication

An even safer method is two-factor authentication (2FA). This method still requires a password. The trick, however, is in the second step. In this step, a second verification is needed. This can either be done by using a phone or an identity key. Using a phone, you will receive a code via text, voice message or the use of an identity app.

An identity key is usually seen as a safer 2FA method, as text messages can be easier intercepted. For hackers, it is more challenging to get access to a physical device. Google created its own Titan key which in the first instance was only used by Google employees. Last year the Titan key became available for purchase. The $50 package includes a USB key and a backup device that communicates via Bluetooth or NFC.

Despite this increased security, Google announced that not all 2FA methods are bulletproof. An increase in attacks that circumvent 2FA is one of the biggest security trends in 2019. This results in a higher demand for stronger 2FA methods. Google Cloud’s product manager expects more services to comply with FIDO-standards. These are free and open authentication standards, which aim to reduce the world’s reliance on passwords. Google’s 2FA already complies with these.

Biometrics 

Both 2FA options however still use old-fashioned passwords. The solutions with the highest security standard usually make use of biometrics. These unique body characteristics can be used as either a first or second authentication method. Nowadays, methods range from using fingerprints to face and eye recognition.

Google uses fingerprints for many different applications. The new Chromebooks have been announced to have fingerprint sensors. Next to this, a fingerprint login can be used for Google Chrome. For Google Pay, fingerprints can be used as an additional security method. And there are even more applications.

The most recent and modern method for authentication is facial recognition. In June 2019, Google announced they were going to start using face unlock in its operating system. In addition, facial recognition can also be used to sign in for apps and make payments. In the past, this way of authentication could easily be fooled by for instance using a video playing on another phone. Recently, the security of facial recognition has improved a lot by e.g. using 3D technology. The applications of facial recognition are expanding fast and will make authentication way more convenient.