Password management is a painful chore. I literally have a spreadsheet with hints to myself to help me associate each password with its account. I’m in this situation because I have at least eight active email accounts along with accounts for Paypal, Amazon, and LinkedIn, among many, many others. You’re probably in the same boat as me.
Now, I’m fairly diligent, but most people aren’t. One of the key problems that many have with password management is that they simply don’t manage them at all. Even if people bother to come up with a genuinely hard-to-crack password, most end up using the same one over and over again. I would not call this secure. And I can understand why people neglect such an important aspect of their security – it is tedious and complicated work. So what can make this task less complicated? One solution is biometrics!
Before we get any further, here’s a quick definition of biometrics for the beginner/uninitiated. From Webopedia, biometrics is:
“Generally, the study of measurable biological characteristics. In computer security, biometrics refers to authentication techniques that rely on measurable physical characteristics that can be automatically checked.”
More simply, we can look at biometrics as the use of electronic devices to detect a person’s unique physical traits for the purposes of verifying her/his identity. I think you can see how this might be easier than passwords, right? In the spirit of helpfulness, here are some of the best biometric authentication candidates to replace passwords as a security system!
The hand – versatile, powerful, and full of features that are unique to each person. There are a multitude of biometric clues that can be found in human hands. The most viable authentication methods thus far:
- Fingerprint recognition – I’d bet that just about everyone has heard of this method by now. Previously, a good number of businesspeople have used some variant of this technology to lock/unlock their laptops. And now that Apple has made fingerprint recognition a way to secure their phones, it’s a very good bet that many, many consumers will get into the habit!
- Palm print recognition – like fingerprints, palm prints are unique across individuals. Its chief advantage over fingerprints is that it’s even harder to fake because authentication systems have much more information against which to verify identity.
- Hand geometry recognition – the comparative dimensions of fingers relative to other hand landmarks are not very distinctive. On its own, this can’t be used for identification purposes, but could be a useful adjunct to the other two methods listed above.
- Retinal recognition – fans of spy and/or science fiction shows have no doubt seen this used many a time. There are good reasons for this – it is secure. The vascular configuration of the retina is unique to each person and eye, and the eyeball itself shields the retina from easy “hacking”. The only real downside is that retinal scans aren’t user friendly, either for the encoding process or for the authentication process.
- Iris recognition – the iris is even more unique – not even identical twins have identical irises! Better yet, from a user standpoint, it’s less invasive as well. Unlike retinal scans, iris scans can take place from a distance. And, living irises respond differently from dead irises – it really requires the person with clearance to be alive for this to work!
- Facial recognition – we’ve reached the point where biometric systems have the capacity to identify individuals via dynamic images of faces. You can’t just plop a photo in front of a system and expect to gain access anymore! That said, facial recognition systems do have their drawbacks. For one thing, most of us have extraordinarily expressive faces (that’s why Canada only allows neutral facial expressions for passport photos). For another, poor lighting and things that obscure the face (like glasses or hair) severely downgrade facial recognition.
- Facial thermogram recognition – believe it or not, the pattern of heat radiated from the face is thought to be unique to each person! As with facial recognition, thermogram identification is unobtrusive. Also similar to facial recognition is the requirement for powerful computing and clear signals.
Unimodal vs. Multimodal Biometric Systems
This is basic logic, but it bears mentioning. There are systems that are unimodal, i.e., that authenticate using a single biometric measure. Examples of this include the fingerprint scanner in iPhones and older HP laptops. There are some pretty serious limitations to unimodal systems, as every one of the features I’ve listed so far can be tricked in isolation. Some are harder to fool than others, but the fact remains that, individually, biometric features can be faked.
The better idea is to have a multimodal biometric system – something that requires the user to furnish multiple biometric features to gain access to whichever function/app/account is under protection. After all, as the number of authentication requirements grows, it becomes more difficult to fake ID, short of physically coercing the right person to access an account! Fortunately, because we live in a lawful society, this really shouldn’t be a problem…
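To make the unimodal vs. multimodal comparison concrete, here is an added example (not from the original article) that applies an "every required feature must match" rule to a handful of login attempts. The match scores, thresholds and attempt labels are all constructed for illustration; it also shows the cost of the stricter rule, which is that the legitimate owner gets rejected more often.

```python
# Constructed match scores (0.0-1.0) and thresholds; not data from any real sensor.
THRESHOLDS = {"fingerprint": 0.80, "iris": 0.85, "face": 0.75}

ATTEMPTS = [
    # (label, is_genuine, per-modality match scores)
    ("owner, good capture", True,
     {"fingerprint": 0.93, "iris": 0.95, "face": 0.88}),
    ("owner, poor lighting", True,
     {"fingerprint": 0.91, "iris": 0.90, "face": 0.60}),
    ("owner, wet finger", True,
     {"fingerprint": 0.70, "iris": 0.94, "face": 0.86}),
    ("impostor, faked fingerprint", False,
     {"fingerprint": 0.88, "iris": 0.20, "face": 0.30}),
    ("impostor, face resemblance", False,
     {"fingerprint": 0.15, "iris": 0.25, "face": 0.78}),
    ("impostor, no fakes", False,
     {"fingerprint": 0.10, "iris": 0.12, "face": 0.22}),
]

def accepts(scores, required):
    """AND rule: every required modality must meet its own threshold."""
    return all(scores[m] >= THRESHOLDS[m] for m in required)

def error_rates(required):
    """Return (false_accept_rate, false_reject_rate) over ATTEMPTS."""
    genuine = [s for _, is_genuine, s in ATTEMPTS if is_genuine]
    impostor = [s for _, is_genuine, s in ATTEMPTS if not is_genuine]
    far = sum(accepts(s, required) for s in impostor) / len(impostor)
    frr = sum(not accepts(s, required) for s in genuine) / len(genuine)
    return far, frr

def compare():
    """Error rates for two unimodal systems and one multimodal system."""
    systems = {
        "fingerprint only": ["fingerprint"],
        "face only": ["face"],
        "fingerprint + iris + face": ["fingerprint", "iris", "face"],
    }
    return {name: error_rates(req) for name, req in systems.items()}

if __name__ == "__main__":
    for name, (far, frr) in compare().items():
        print(f"{name:28s} false accepts={far:.2f} false rejects={frr:.2f}")
```

Each single-feature system lets one impostor through, while the combined system lets none through but turns away the owner on two of three attempts, so real deployments have to tune thresholds or offer a fallback.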
Of course, authentication using any or all of the above is still in its infancy, relatively speaking. For the moment, it is crucially important that you maintain proper password security and a good password protection policy for your devices and services. For example, it’s easy to automate the process of password changes within companies for wireline phones, if you have the right service provider. On that note, might I recommend you give us at Cimpl a shout? We’re Canada’s leader in telecom and IT expense management, and we make certain that our many, many customers are up-to-date with the best practices for business security, including password management! Contact us to find out more!