OPINION

Microsoft investigates an alternative to passwords

It might be time to do away with all those digital passwords

OOOONE-HUUUUNDRED-AND-EIIIIIGHTY! A number to be celebrated when a darts player throws three perfect darts.

As a complete coincidence, it is also the number of passwords that are saved in my browser. When I sat down to write this article, I checked in my browser to see how many passwords were saved. I was expecting a big number but 180 shocked even me.

The problem is that cybersecurity experts tell us to have a different password for every login and make sure that password is at least 10 characters long with upper and lower case, numbers and special characters and change it every 30 days. It is all too hard.

It is little wonder that, despite 579 password attacks every second across the world, '123456' and 'qwerty' and 'password' keep topping the list of common passwords.

In a recent survey, 20 per cent of people said they would rather perform an embarrassing 'reply all' e-mail than reset a password! Hackers often don't break in to your account - they just log in.

What is the solution? Usage of security fobs and biometric scans are increasing but what if we just remove the password altogether?

Have I gone crazy? Well it isn't so much me going crazy as Microsoft fixing an unfixable problem by giving up on traditional advice and coming at the problem from a different angle. For years advice on password strategy has fallen on deaf ears so Microsoft has thrown its hands in the air and said: "Get rid of the password."

MORE LIFESTYLE

Remove the password from Outlook and OneDrive and even Windows itself.

Before you are convinced that Bill Gates has used vaccine injected 5G mind control to influence employees at the company he founded, let me explain.

To go passwordless, you need to download and install the Microsoft Authenticator app and link that to your Microsoft account. Then turn on 'passwordless account'.

When you attempt to login to your account, you will receive a code on your app. Type in that code and you are in.

If you don't like the idea of the app, you can use your phone or a secondary e-mail account or biometric options can be used such as face, iris or fingerprint.

Don't mistake this for two-factor authentication. There are some companies that require a password AND a second factor of authentication such as a text message.

Microsoft's version does not require the password. It relies entirely on the code. There is no password failsafe with this system because there is no password.

Now I am sure the clever people at Microsoft have thought of a few little issues that spring immediately to my mind.

If your phone is lost or stolen, at best it means that you may lose access to your services but it may mean that someone else has easy access to all of your information.

The other assumption from Microsoft is that we all have ubiquitous connections. For the many people who live in regional Australia, they will tell you that isn't the case.

Before Wi-Fi texting was available, I heard many stories of farmers using their bank online with a satellite Internet connection. To logon, the bank would send a text message but the farmer may have to run 50 metres up their driveway to get phone reception to receive the text before running back to the house and entering it within the time constraints.

Tell me if you'd rather continue with your passwords or are brave enough to go passswordless at ask@techtalk.digital

  • Mathew Dickerson is a technologist, futurist and host of the Tech Talk podcast.
This story It might be time to do away with all those digital passwords first appeared on The Canberra Times.