How effective are traditional authentication methods?

News

Authentication is the process of proving a user’s or machine’s digital identity. Users are authenticated when they provide some form of credential associated with their user ID. Authentication methods are necessary to protect sensitive data and applications from being accessed by unauthorized users. While authentication is a cybersecurity must, it is also a process that poses potential risk.

As computers get more powerful, so does a machine’s ability to crack passwords. Most organizations have implemented policies for creating passwords to access corporate assets. For example, passwords are often required to include eight to 10 characters and upper- and lowercase letters, in addition to at least one symbol. Enterprise password policies may require users to change their password every 180 days, and policies may also prevent users from reusing passwords as additional security precautions.

These restrictions place significant pressure on the user to remember multiple complex passwords. Users will sometimes resort to writing passwords on a sticky note that remains on or around their computing device. Unfortunately, this may nullify the purpose of mandating strong passwords to make the user accounts more secure.

Biometric authentication is often heralded as the solution to password vulnerabilities. However, this authentication method also comes with its own set of complications. In fact, many forms of biometric authentication can be stolen for impersonation purposes. Consider how fingerprints and facial recognition are two of the most popular biometric authentication methods. It has been proven that both forms of biometric data are at risk of being mimicked or reproduced, either intentionally or unintentionally.

Various kinds of biometric authentication
Biometric authentication is used to manage access to physical or digital resources.
While authentication is a cybersecurity must, it is also a process that poses potential risk.

Lastly, enterprises still use shared passwords to access sensitive networks and resources. For example, the use of a preshared key for Wi-Fi authentication is common in many small and midsize organizations — despite the well-documented security risks. Shared passwords can easily get into the wrong hands. Additionally, machine-to-machine authentication mechanisms often use a shared password that is used across many devices, and these mechanisms are cumbersome to change on a reasonable timeline. Thus, these types of static passwords are a potential easy entry for hackers looking for a way to break in and access company information.

The good news is that technology can help manage authentication securely. Organizations can implement single sign-on, multifactor authentication and AI to create more secure authentication processes with little end-user interaction required. By incorporating new security technology to supplement or replace traditional authentication methods, the days of remembering dozens of passwords — or hoping your fingerprint wasn’t stolen — will become things of the past.


Dig Deeper on Web authentication and access control

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever’s puzzling you.

Products You May Like

Articles You May Like

HPE issues fix to stop some SSDs from self‑destructing
Coronavirus con artists continue to spread infections of their own
Magecart Hackers Inject iFrame Skimmers in 19 Sites to Steal Payment Data
Chinese #COVID19 Conspiracy Theories Date Back to January
Dharma ransomware source code on sale for $2,000

Leave a Reply

Your email address will not be published. Required fields are marked *