With the proliferation of cyber attacks, securing accounts has become a major problem. Passwords no longer offer sufficient protection; it is urgent to abandon them and move on to the next level, at least for 10 good reasons.
1- The password protection system is obsolete
The first password would have been implemented as early as 1961 at the Massachusetts Institute of Technology (MIT). Very quickly, the students at MIT were able to bypass the system. 50 years later, computer systems have drastically evolved, but the use of passwords remains de rigueur even if they are still not infallible.
2- Passwords are often much too simple
According to a study by Statista, among the twenty most common passwords in 2019 were “qwerty”, “password” and several variations of “123456”. Also trendy, the little love nicknames: “doudou”, “loulou” and other “darling”. Very easy to remember, but even easier to “crack”.
3- The same password is often used for several accounts
Despite the recommendations, still 59% of Internet users use the same password for all their accounts. The result: When a hacker discovers a password, they can use it to attempt to access other online accounts – and often do so in seconds.
4 -Too many online accounts to secure for our little memories
Why do we choose “weak” passwords or often reuse the same ones? Quite simply because we have too many online accounts: an Internet user has 150 on average! Remembering a different password for each account is simply not possible.
5- technology makes it easier for hackers
Technology makes life easier for us – but also for hackers! Among the techniques they often use: the use of “malware” that records keystrokes, thereby revealing passwords. When a computer is infected with this malware, no matter how hard you use the strongest passwords, nothing can prevent the hacker from gaining access to it.
6 – Passwords are the cause of most security breaches
According to the 2019 edition of the Verizon Data Breach Investigations Report, 81% of security breaches are due to weak, stolen or reused passwords. For a company, this is a huge problem: if its password management is not optimal, its customers’ data can be compromised.
7- Users can suffer heavy financial consequences
Password cracking or online identity theft can have catastrophic consequences for Internet users. A stolen identity can be used to make online purchases, take out credit, etc. Beyond the administrative damage, victims can thus lose large sums of money.
8- For a company, the procedures for restoring access to hacked accounts are expensive and time-consuming
In the event of a hacking of a customer account, if fraudulent purchases are made from this account, the company will have to manage the consequences. Giving a customer access to their account is not that simple: you have to be sure that the person trying to recover this account is legitimate. For the customer, too, the process is tedious: they will probably have to change their login information.
9 – Companies must take care of the reimbursement
If a customer account is compromised, the company will likely have to reimburse the victim. For the retail sector, reimbursements made globally can amount to an astronomical sum of $ 40 billion per year.
10 – Password management is a real headache for companies
The costs associated with managing passwords (customer service agents, infrastructure) can be heavy. Up to 50% of help desk calls are about resetting a password, and the costs can be as high as $ 70 per incident.
So, can we really do without passwords today?
According to Gartner, 60% of businesses will halve their password dependency by 2022. In the meantime, steps have already been taken to improve password security, such as authentication to two factors, but this method is not without flaws.
The solution for businesses might be to verify the identity of their customers. By combining verification of identity documents and biometrics, it is possible to exempt passwords, while increasing security.
The use of biometrics for identification could therefore well be the key to a secure future, without password.