Many people would agree. The password has become a monkey on our digital backs - an essential key to our many devices and accounts, but increasingly a source of exasperation and insecurity.
The research arm of the Defense Department is looking for ways to use cues like a person’s typing quirks to continuously verify identity - in case, say, a soldier’s laptop ends up in enemy hands on the battlefield. In a more ordinary example, Google recently began nudging users to consider a two-step log-in system, combining a password with a code sent to their phones. Google’s latest Android software can unlock a phone when it recognizes the owner’s face or - not so safe - when it is tricked by someone holding up a photograph of the owner’s face.
Still, despite these recent advances, it may be premature to announce the end of passwords, as Bill Gates famously did in 2004, when he said “the password is dead.’’
“The spectacularly incorrect assumption ‘passwords are dead’ has been harmful, discouraging research on how to improve the lot of close to 2 billion people who use them,’’ Cormac Herley, a researcher at Microsoft, the company that Gates founded, wrote in a recent paper.
Herley suggested instead that developers try “to better support the use of passwords’’ - for example, by helping people protect their wireless connections from eavesdroppers. “Passwords,’’ Herley continued, “have proved themselves a worthy opponent: All those who have attempted to replace them have failed.’’
The touch-screen approach of Memon works because, as it happens, each person makes the same gesture uniquely. Their fingers are different, they move at different speeds, they have what he calls a different “flair.’’ He wants logging in to be easy; besides, he said, some people find biometric measures like an iris scan to be “creepy.’’
