Open sesame

New technologies are ensuring that no one will ever need to set a complex password — or remember it — ever again.

OK, I will admit that it was a last-ditch effort, but I had nothing to lose. I started chanting, “I will remember the password to the bank account. I will remember the password to the bank account.” But the only thing I got access to was a message stating the obvious, “Either your username or password is incorrect.”

We need to prove who we are everywhere we go on our digital road map. Thinking up a strong password that you can easily remember and enter is nearly impossible unless you use a password manager. A January PC Magazine review lists LastPass, Dashlane-Synced and Sticky Password as its three highest-ranked password managers. These allow you to share specific passwords with colleagues. They even provide emergency access to people you assign to inherit your passwords in the event you are incapacitated or pass away. I’ve used LastPass for several years. I wouldn’t be able to remember or enter a strong password like ^@\V3B.u’j@Z}c?sA on my smartphone’s tiny keyboard. LastPass automatically inserts the password during the sign-in process. It’s easier than entering 123.

Now there’s a new game in town that ups the authentication process and eliminates the need for passwords. Device-assisted multifactor authentication (MFA) allows a firm to control access without a password only after users successfully submit separate evidence to verify their identity. MFA has three basic groupings to draw upon: memory recall, devices and genes.

Popular devices include smartphones, security cards and key fobs that generate token numbers. A wonderfully unique example of this is Ottawa-based inBay’s password-less idQ. Users gain access via an app on their registered smartphone. The smartphone has a unique ID. It also transmits its geolocation via its GPS transmitter. When I request access to my network, idQ will send a one-time barcode to my desktop. I sign into my smartphone and use the app to scan the barcode and submit it for authentication. Access is granted as the barcode is independently submitted from the device.

With the introduction of Windows Hello in Windows 10, we now have some really good genetic/biometric options with varying levels of security: 3-D facial recognition, iris scanning and fingerprint scanning.

Three-dimensional facial recognition is accomplished through the use of three cameras — 3-D, infrared and RGB (traditional webcam). It is a pretty solid security option as the 3-D component means the device cannot be fooled by high-resolution photos. Plus, it’s practical as it works well even in low light thanks to the infrared element. It also works at a distance (0.2 to 1.2 metres), making it ideal for notebooks and tablets.

Iris scanners use smaller, cheaper cameras that need to be much closer to pick up the details of the iris. This makes them great candidates for smartphones. The camera records the pattern of spots and bands that surround the iris. This pattern is as unique as your fingerprint. However, since there is no 3-D component, high-resolution photos can trick the camera.

Finger-swipe readers have been available for several years but they can be fooled by laying a fake rubber fingerprint over a real finger. This is now the weakest of the biometric options. The Surface Book, Microsoft’s powerful new notebook, doesn’t even include a fingerprint reader.

As technology has advanced and hackers have become more prolific, multifactor authentication, especially biometric authentication, provides a wonderful answer to the security weakness of passwords. We have seen it in use in movies and we knew that it would be introduced sometime in the future. Well, the future is now.