TechCentralTechCentral
    Facebook Twitter YouTube LinkedIn
    Facebook Twitter LinkedIn YouTube
    TechCentral TechCentral
    NEWSLETTER
    • News

      Eskom offers workers 7% increase: sources

      29 June 2022

      E-commerce is killing shopping malls – but, curiously, not in South Africa

      29 June 2022

      E.tv: ‘We know we must vacate broadband spectrum bands’

      29 June 2022

      Eskom employees returning to work

      29 June 2022

      E.tv in stunning victory over minister in digital TV fight

      28 June 2022
    • World

      Napster plots crypto comeback

      29 June 2022

      Pictures: Chinese spacecraft acquires images of entire planet of Mars

      29 June 2022

      Arm aims for leg-up in smartphone games with new chip tech

      29 June 2022

      Warnings of a final bitcoin ‘washout’

      29 June 2022

      Sony launches into PC gaming hardware

      29 June 2022
    • In-depth

      The great crypto crash: the fallout, and what happens next

      22 June 2022

      Goodbye, Internet Explorer – you really won’t be missed

      19 June 2022

      Oracle’s database dominance threatened by rise of cloud-first rivals

      13 June 2022

      Everything Apple announced at WWDC – in less than 500 words

      7 June 2022

      Sheryl Sandberg’s ad empire leaves a complicated legacy

      2 June 2022
    • Podcasts

      How your organisation can triage its information security risk

      22 June 2022

      Everything PC S01E06 – ‘Apple Silicon’

      15 June 2022

      The youth might just save us

      15 June 2022

      Everything PC S01E05 – ‘Nvidia: The Green Goblin’

      8 June 2022

      Everything PC S01E04 – ‘The story of Intel – part 2’

      1 June 2022
    • Opinion

      Has South Africa’s advertising industry lost its way?

      21 June 2022

      Rob Lith: What Icasa’s spectrum auction means for SA companies

      13 June 2022

      A proposed solution to crypto’s stablecoin problem

      19 May 2022

      From spectrum to roads, why fixing SA’s problems is an uphill battle

      19 April 2022

      How AI is being deployed in the fight against cybercriminals

      8 April 2022
    • Company Hubs
      • 1-grid
      • Altron Document Solutions
      • Amplitude
      • Atvance Intellect
      • Axiz
      • BOATech
      • CallMiner
      • Digital Generation
      • E4
      • ESET
      • Euphoria Telecom
      • IBM
      • Kyocera Document Solutions
      • Microsoft
      • Nutanix
      • One Trust
      • Pinnacle
      • Skybox Security
      • SkyWire
      • Tarsus on Demand
      • Videri Digital
      • Zendesk
    • Sections
      • Banking
      • Broadcasting and Media
      • Cloud computing
      • Consumer electronics
      • Cryptocurrencies
      • Education and skills
      • Energy
      • Fintech
      • Information security
      • Internet and connectivity
      • Internet of Things
      • Investment
      • IT services
      • Motoring and transport
      • Public sector
      • Science
      • Social media
      • Talent and leadership
      • Telecoms
    • Advertise
    TechCentralTechCentral
    Home»Editor's pick»How to fix the password problem

    How to fix the password problem

    Editor's pick By Agency Staff9 May 2017
    Facebook Twitter LinkedIn WhatsApp Telegram Email

    Headlines about mass data breaches have become ominously routine, and yet password convenience still trumps security for most people. That’s why, year after year, the world’s most popular logon remains “123456”, a password so obvious it accounted for 17% of the 10m compromised passwords analysed by Keeper Security, which sells a login management service.

    The answer, of course, is to get rid of passwords altogether. Biometric technology — especially fingerprint scanners — have been steadily replacing the need to type in a password, which can easily be guessed by hackers wielding smart algorithms. Now, with the world increasingly embracing voice-activated devices like the Amazon Echo and Google Home, companies are starting to create technology that recognises a person’s speech patterns. Facial recognition is starting to catch on as well.

    “Our vision is to kill passwords completely,” says Dylan Casey, vice president of product management at Yahoo, which has suffered major security breaches. “In the future, we’ll look back on this time and laugh that we were required to create a 10-character code with uppercase and lowercase letters, a number, and special character to sign in, much in the same way that today’s teenagers must laugh at the concept of buying an album on a compact disc.”

    The question is whether companies will be able to persuade people to switch to biometric logins and whether the new technology will prove any more resistant to hackers than the old-fashioned password.

    Apple popularised the fingerprint scanner by embedding it in the iPhone four years ago, subsequently baking the technology into the MacBook line-up. Now Microsoft is getting into the act. Last month, the company started to let the estimated 800m people who use its Outlook.com, Xbox.com, Skype.com and other cloud-based features log on with a fingerprint scan on their smartphone if they so choose. By October or November this year “you’ll be able to take your phone, walk up to your Windows 10 PC and just use your thumb print to log into your PC”, says Alex Simons, who’s in charge of products within Microsoft’s identity division.

    The banking industry, long mindful of security, has adopted some of the most cutting-edge technology. UK bank Barclays started letting wealthy customers verify their identity during telephone banking with their voices back in 2014, and rolled out an opt-in version to retail clients last year. “Our voice security works by taking a recording and analysing the different voice patterns, the vocal tones, the pitch and the pace,” says Simon Separghan, who’s in charge of Barclays’ contact centres across the UK, India and the Philippines. He said the bank is currently working to implement the technology into its mobile banking app. HSBC, Citi, Santander are also all starting to let customers use their voices to log into their telephone banking accounts.

    Face recognition is becoming more common as well. Lloyds Banking Group announced in April that it would trial Microsoft’s Windows Hello technology, which lets online users log into their Web-based accounts by pointing their face at a computer’s webcam. United Services Automobile Association has enabled the same within its mobile app for smartphones, as has UK challenger bank Atom.

    Is the new technology hacker-proof? Barclays’ Separghan is sanguine about the bank’s voice-activated login system and says there have been no breaches so far. “We’re very confident that the system is as unique as your fingerprint,” he says. “So whether or not people are doing impressions or tape recordings and playing them back, the system has the ability to detect that.”

    But Michela Menting, digital security research director at ABI Research, isn’t so sure. “With artificial intelligence, you’ll have machines that’ll be able to clone human voices and maybe be able to pretend to be somebody else,” she says.

    In April, three developers from a Montreal AI startup released demos of their speech synthesis tool, Lyrebird, which they said could “copy the voice of anyone” with as little as a 60-second recording. They released audio samples of their work, which mimicked the voices of Barack Obama, Hillary Clinton and Donald Trump.

    One of Lyrebird’s founders, Alexandre de Brébisson, who is studying AI at the University of Montreal, said his team’s motivation was to improve speech synthesis rather than anything nefarious. “We believe that vocal human-computer interfaces will become more and more widespread in the future and we want to make them better,” he said.

    Could his software be used to fool voice-based authentication? “We haven’t tested our tech on those systems,” he said, “but we would not be surprised that our current technology can already fool those systems.”

    Similar concerns have been raised about face-recognition. Microsoft says its Hello technology, now available in a range of Windows-based computers and soon to be tested at Lloyds Bank, Halifax and Bank of Scotland, uses infrared sensors to build a reliable representation of a human face. The company says the technology can’t be fooled by holding up a photograph to the lens. But in March, reports surfaced that the facial-recognition feature of Samsung Electronics’ new Galaxy S8 smartphone could be tricked exactly that way. In a statement, Samsung noted that users have several ways to unlock their phones and said facial recognition can only be used to open the Galaxy S8 and not to “authenticate access to Samsung Pay or Secure Folder”.

    Thirteen years ago, Bill Gates predicted the death of the password. It never happened because people cling to old habits and can’t always afford the latest technology. To avoid alienating customers, the banks aren’t insisting that they switch to safer technology but are letting them opt in. So though cheaper biometric sensors and smarter software have helped improve online security, Menting believes passwords may be around for another 50 years — kind of like landlines. “Until we have embedded devices in ourselves that can act as that password,” she says, “I really don’t see them losing the authentication war anytime soon.” Hackers are counting on it.  — (c) 2017 Bloomberg LP

    Share. Facebook Twitter LinkedIn WhatsApp Telegram Email
    Previous ArticleWho has SA’s best Galaxy S8 deals
    Next Article MWeb sale to IS gets regulatory nod

    Related Posts

    Why software updates make us WannaCry

    17 May 2017

    Ransomware: what you need to know

    14 May 2017

    Apple’s growth story is over

    3 May 2017
    Add A Comment

    Comments are closed.

    Promoted

    Think herding cats is tricky? Try herding a cloud

    29 June 2022

    How your business can help hybrid workers effectively

    28 June 2022

    Hands off our satellite spectrum!

    27 June 2022
    Opinion

    Has South Africa’s advertising industry lost its way?

    21 June 2022

    Rob Lith: What Icasa’s spectrum auction means for SA companies

    13 June 2022

    A proposed solution to crypto’s stablecoin problem

    19 May 2022

    Subscribe to Updates

    Get the best South African technology news and analysis delivered to your e-mail inbox every morning.

    © 2009 - 2022 NewsCentral Media

    Type above and press Enter to search. Press Esc to cancel.