April 13, 2015

Share Everywhere

Is New Password Protection Software an Answer to Online Privacy?

One of the top ways to achieve better online privacy protection is by creating strong passwords that attackers’ password-cracking programs can’t guess. But the type of combinations that prove best are also very difficult for most people to remember, since they contain a long string of symbols, numbers, lower-case letters and capitals.

Also, security experts advise changing passwords regularly and trying different tactics for keeping them safe, making the issue even more challenging. Unfortunately, some people give up and use simple words or combinations like “football” or “123456” that land on the worst password list every year.

The good news? Help may be on the horizon with password protection software.

In late March, both Yahoo and Microsoft announced they were taking on the issue with password protection software, although in very different ways. Let’s take a look at what both companies have planned and whether online privacy protection will get better as a result.

Yahoo: On-Demand Authentication

Recognizing that online privacy protection relies heavily on creating strong passwords, Yahoo decided to remove user frustration by launching a service in which “on-demand” passwords are texted to a user’s phone. Thus, there isn’t a need to remember a password.

To set it up, a user turns on the on-demand feature in Yahoo security settings by using a normal password. For subsequent Yahoo visits, a one-time-use password that is only four characters is sent as a text. Speaking to the press about the change, Yahoo vice president of product management for consumer platforms Dylan Casey said this is the first step toward eliminating passwords altogether. He added, “I don’t think we as an industry have done a good enough job of putting ourselves in the shoes of the people using our products.”

Maybe Yahoo is just tired of password hacks. There are several hacker websites that emphasize how easy it is to crack a Yahoo password, especially if an attacker can access a user’s system.

Microsoft: Biometric Protection

Around the same time as Yahoo’s announcement, Microsoft proposed a new way for creating strong passwords. Unlike the authentication strategy launched by Yahoo, Microsoft is striving for more biometric protection, where your computer recognizes your face, iris (part of your eye) or fingerprint.

The company’s newest operating system, Windows 10, will feature a system called Windows Hello that lets users sign into their devices with biometrics instead of passwords. Joe Belfiore, Microsoft’s corporate vice president of operating systems, wrote in a blog post that the step will help users move away from passwords that are “a random assortment of letters and numbers that are easily forgotten, hacked or written down and pinned to a bulletin board.”

Security Risks Still Present?

Neither of these proposed methods is foolproof, of course. There are still security risks with fingerprint authentication that have experts cautious about its use, and Yahoo’s solution will lead to major problems if a phone is lost or stolen.

But efforts like these are worth watching, especially by those who struggle with password security. At the very least, they show that large companies are aware of password pain points and willing to get creative to improve online privacy protection.

Image courtesy of Flickr user Matthias Ripp.

Melanie Medina

Sr. Director of Digital Marketing at IdentityForce
Melanie is a native of Bolivia who has lived in Boston for over 10 years. She likes to make time to travel, jog, read, and play backgammon. Fueled by copious amounts of coffee, Melanie stays on top of her to-do list while also keeping abreast of identity theft issues. Serious data breaches are happening all the time in the U.S. and Melanie loves being part of a solution that brings peace of mind to families across the country.

Latest posts by Melanie Medina (see all)

Join The Discussion

Your email address will never be published.