Passwords have had a long and illustrious history. From the moment people were able to have their own personal technical devices, they used passwords to keep those devices safe. And passwords have held up well. They’re generally safe, and they give users autonomy over their own data security. They’re also simple and convenient, allowing ordinary people to easily manage their safety without being tech wizards.
Although passwords have been tried and tested, they may be coming to the end of their usefulness. As technology advances and the threats to our personal data become more serious, good old fashioned passwords are starting to show their flaws.
In a recent study, it was found that about 35% of users had weak passwords, and the remaining 65% could be cracked without a huge amount of effort. That’s scary enough, but throw in the fact that about 80% of all cyber attacks involve a weak or stolen password and it looks genuinely terrifying.
To hammer home the point even harder, cyber attacks in 2017 cost U.S. enterprises an average of $1.3 million. The amount of money that could be saved by simply taking more care about passwords is almost off the scale. But why do passwords fail so often?
Where Do Passwords Go Wrong?
The issue with passwords is that they’re extremely susceptible to human error. It’s easy to create a weak, easily memorable password to save time, and the result is a password that’s far easier to hack.
For example, passwords like ‘123456’ are common choices, and this just makes life way too easy for opportunistic cyber criminals. The best passwords are much more complex, with a combination of letters, numbers, and other characters. They also shouldn’t contain personal information like the user’s birthday or their child’s name.
Another common mistake is to duplicate and re-use passwords across a number of accounts and devices. Again, this makes things easier for users as there’s less to remember, but if a hacker gets one password they gain access to multiple accounts.
Sharing passwords is another big problem. For example, members of the same family or office might use the same accounts with the same passwords. This just multiplies the risk of someone making an error that could compromise everyone’s data.
We’ve all had the dreaded ‘your password is about to expire’ message. While it’s annoying, these prompts exist for a good reason and are ignored all too often. Failing to change your passwords regularly increases the risk of attack.
Research has found that 50% of people haven’t changed their social media passwords for over a year, and a worrying 1 in 5 has never changed them. All this combines to make passwords a pretty unsafe way to protect our data. Most are too simple, repetitive, or commonly used to be at all effective.
So What’s the Solution?
One of the more popular solutions up to now has been password management software. These programs help users step up their security by storing passwords in an encrypted vault and automatically filling in details. This avoids the risk of falling victim to issues like keyloggers. They also help users generate stronger and more secure passwords, and help avoid common mistakes.
But while these programs can help, they’re also flawed. Many contain bugs and vulnerabilities that can actually increase the risk of being hacked. There has to be an alternative. The answer could lie in blockchain technology. Companies like Remme are building software based on blockchain that could remove the need for passwords altogether.
Instead, users can generate a unique SSL/TLS certificate for every device they use. This certificate is then stored safely on the blockchain. Blockchain ensures security because it’s immutable — it’s extremely difficult for anyone to tamper with the data or commit fraud. For an extra layer of security, Remme even allows its users to use two-factor authentication using a messaging app of their choice.
There’s no password, nothing to remember, and no code to crack. This method neatly avoids all of the issues that passwords struggle with and brings peace of mind to users. Unless all of your devices are physically stolen, your data is safe. All in all, using blockchain to replace passwords is a new idea, but it might just catch on, becoming extremely valuable to businesses and individuals.