Death of the password?
As Microsoft use biometrics to beat hackers, is it the...
MICROSOFT is ditching passwords – because remembering them is too inconvenient.
The technology giant said people were struggling to create multiple secure passwords, often using the same one for different accounts.
This meant hackers have an easy ‘entry point’ to personal information, with 500 attacks occurring every second across the globe.
Microsoft will now ask users to opt in to using their fingerprints, facial recognition and authenticator apps that bring up a prompt on your smartphone to enable you to log in.
In a blog post, security vicepresident Vasu Jakkal wrote: ‘Passwords are incredibly inconvenient to create, remember, and manage across all the accounts in our lives.
‘We are expected to create complex and unique passwords, remember them, and change them frequently – but nobody likes doing that.’
According to Microsoft, 15 per cent of users include their pets’ names in their passwords, while 10 per cent admit to reusing the same one across several different sites and over a third repeat a formula for new accounts.
But these tricks are easily decoded by hackers using algorithms. In addition, criminals unleash so-called phishing attacks, which encourage users to input their information in a fake website, or simply view passwords online after a company has suffered a data breach.
A well-used phrase used by security experts at Microsoft was ‘hackers don’t break in, they log in’, Miss Jakkal wrote in her blog.
‘A quick look at someone’s social media can give any hacker a head start on logging into their personal accounts. Once that password and email combination has been compromised, it’s often sold on the dark web for use in any number of attacks.
‘These tactics are relatively unsophisticated and have been in play for decades.
‘But they continue to work because passwords continue to be created by humans.’
The latest move makes logging in far more secure, she said, adding: ‘Only you can provide fingerprint authentication or provide the right response on your mobile at the right time.’
Users will still be able to use passwords if they wish.
Microsoft has been trialling password-free accounts with business users since March.
Professor Alan Woodward, part of a research team investigating passwordless authentication at the University of Surrey, said it was ‘quite a bold step from Microsoft’. He said passwords were a decades-old concept ‘and maybe the time is now right to start looking for something different’.
j.norton@dailymail.co.uk