One of the top ways to achieve better online privacy protection is by creating strong passwords that attackers’ password-cracking programs can’t guess. But the type of combinations that prove best are also very difficult for most people to remember, since they contain a long string of symbols, numbers, lower-case letters and capitals.
Also, security experts advise changing passwords regularly and trying different tactics for keeping them safe, making the issue even more challenging. Unfortunately, some people give up and use simple words or combinations like “football” or “123456” that land on the worst password list every year.
The good news? Help may be on the horizon with password protection software.
In late March, both Yahoo and Microsoft announced they were taking on the issue with password protection software, although in very different ways. Let’s take a look at what both companies have planned and whether online privacy protection will get better as a result.
Yahoo: On-Demand Authentication
Recognizing that online privacy protection relies heavily on creating strong passwords, Yahoo decided to remove user frustration by launching a service in which “on-demand” passwords are texted to a user’s phone. Thus, there isn’t a need to remember a password.
To set it up, a user turns on the on-demand feature in Yahoo security settings by using a normal password. For subsequent Yahoo visits, a one-time-use password that is only four characters is sent as a text. Speaking to the press about the change, Yahoo vice president of product management for consumer platforms Dylan Casey said this is the first step toward eliminating passwords altogether. He added, “I don’t think we as an industry have done a good enough job of putting ourselves in the shoes of the people using our products.”
Maybe Yahoo is just tired of password hacks. There are several hacker websites that emphasize how easy it is to crack a Yahoo password, especially if an attacker can access a user’s system.
Microsoft: Biometric Protection
Around the same time as Yahoo’s announcement, Microsoft proposed a new way for creating strong passwords. Unlike the authentication strategy launched by Yahoo, Microsoft is striving for more biometric protection, where your computer recognizes your face, iris (part of your eye) or fingerprint.
The company’s newest operating system, Windows 10, will feature a system called Windows Hello that lets users sign into their devices with biometrics instead of passwords. Joe Belfiore, Microsoft’s corporate vice president of operating systems, wrote in a blog post that the step will help users move away from passwords that are “a random assortment of letters and numbers that are easily forgotten, hacked or written down and pinned to a bulletin board.”
Security Risks Still Present?
Neither of these proposed methods is foolproof, of course. There are still security risks with fingerprint authentication that have experts cautious about its use, and Yahoo’s solution will lead to major problems if a phone is lost or stolen.
But efforts like these are worth watching, especially by those who struggle with password security. At the very least, they show that large companies are aware of password pain points and willing to get creative to improve online privacy protection.
Image courtesy of Flickr user Matthias Ripp.