Your Password Or Your Soul
Will there be life after passwords? We are currently drowning in them – some more than others. A fella like me might need to enter 50 different passwords of increasing complexity just to get by a week in 2014.
It’s a growing problem because hackers and their security breaches, accompanied by the illegal market for passwords farmed from cracking programs, has made it difficult to stay secure, even with such complex passwords. Putting spaces in them helps but it’s not really simplifying anything.
So what to do about it? Is there a world in which we can live with all the technology minus all the passwords? DARPA (the peeps who started the internet 40+ years ago) is working on it, and their studies are fascinating. Here’s some potential replacements for the password (aka “user authentication”):
- Your heartbeat vibrations, as recorded by your phone
- The way you respond to error and system messages (a personality test)
- How your hand shakes as you hold it. Grandpa method.
- How you write texts and emails, based on slang and favorite phrases.
- The “visual fingerprint”: both camera inputs and the screen activity on the phone. The phone needs to see daddy (or his pocket) to turn on!
- How you walk (your gate) as recorded by your phone over time. Walk to unlock?
Read about these programs here.
This is pretty amazing tech, with many of these methods already working on modern phones using no added hardware.
But the flip side as I see it at first blush: we are giving up our anonymity even more, giving that much more power to the machines. If my phone needed to know it was me to use it, no matter what, while that is secure it just isn’t practical. A spouse, business partner, tech support, small business, children and friends are all potential password sharing situations.
If we have to prove we are allowed into the machine beyond ways that we are able to share through human methods, then we have lost that much more control over the machine world.
But yay! The future sure will be fun! If my machine must know it’s me for security purposes, it will know it’s me for other less critical purposes.