Passwords have been omnipresent for online activity since the invention of the Internet, but the experts said Nowsweek It may not be true for much longer.
Developments in artificial intelligence and new authentication systems mean that traditional passwords are quickly upgraded or replaced by biometric safety options – something that cannot be reproduced.
Why it matters
The password label of most people are not afraid where security experts say it should be. In the United States, the most common password length is only eight to 10 characters, and an important part contain only letters and tiny figures, making passwords vulnerable to brutal attacks.
For this reason, and the instant access they grant, passwords are the most desirable information that a hacker or fraudster can obtain, and most of the scam techniques is designed to obtain them, giving criminals access to devices, computer networks or even in bank accounts.
The future of passwords
For many users, entry of passwords manually is already one thing in the past, high-level password managers automatically proving a supposedly to store and automatically enter passwords.
However, Subho Halder, the co-founder and CEO of the security company APPKNOX said Nowsweek That password managers have their own problems and that multi-factory authentication (MFA) was one of the most reliable ways to strengthen the strength of any safety-based safety system.
“Password managers become more advanced but also more exposed,” said Halder.
“They are now using zero knowledge encryption and a MFA supported by equipment, but they remain targets of choice because of what they protect. Lastpass violation has shown that even encrypted vaults can become responsibilities if metadata is disclosed or if users do not allow MFA.
Photo-illustration by Newsweek / Getty / Canva
“Users must protect password managers in the same way as companies protect the jewels of the crown: with MFA, encryption, regular audits and a good dose of paranoia. A password manager is a safe, but without hardened door, it’s always vulnerable.”
Kyle Kurdziolek, vice-president of the security firm of Bigid data, echoed this feeling, telling Nowsweek These password managers were reliable but always sensitive to traditional hacking methods.
“Password managers continue to become more secure overall with most now using strong encryption, the adoption of zero trust architecture and additional security checks.
“But like any tool, they are as secure as the people and the systems around them. We see breaches occur when master passwords are reused or stolen by phishing, or when software vulnerabilities are not corrected.
“The best way to protect a password manager is to use solid and unique master passwords, activate multi-factor authentication and keep the software up to date. But it does not stop there. Even with a good password manager, identification information and secrets are often duplicated and hidden on code, cloud storage or collaboration tools.”
Biometric safety
The two experts said that biometrics, physical data such as fingerprints and facial recognition that cannot be easily separated from their owner, was one of the most likely ways whose passwords could be deleted in the near future.
“We are at a inflection point, not in terms of technology but in confidence and consistency,” said Halder. “Leskes de Passkeys, biometric authentication and chip -based access is already there, but adoption is fragmented. A report by the Fido 2024 Alliance has shown that less than 15% of websites currently support Passkeys despite the growing support of Apple and Google.
“At Appknox, we systematically note that if applications can offer” password “connections such as OTPS or biometrics, they often implement them in an inserted manner, exposing users to interception, to reuse or replay the attacks.
“So we don’t just replace passwords, we are reconstruct the idea of access zero. Until secure authentication and without password becomes interoperable and infallible on all platforms, passwords will persist as inherited withdrawal. “”
Kurdziolek agreed with the focus on biometrics, but said that the industry should take care of the adoption process did not include any gap or defect in technology.
“There is a real momentum behind technologies that could replace traditional passwords, such as biometrics, MFA and material security keys, but generalized adoption is still underway. Although there is momentum behind organizations that take measures to a future without password, for many, it is still years.
“The replacement of passwords is only part of the solution. Secrets, identification information and keys often remain hidden on cloud storage, code standards and everyday tools. Organizations must take control of their sensitive data wherever they live, so that they go to safety without password, they can reduce the risks and fill the gaps that attackers could use.”
Artificially intelligent passwords
As with any technology space at the moment, the biggest question is how AI will have an impact on the future.
Regarding passwords, consensus is that AI is a double -edged sword; It offers users larger tools and detection methods for safety purposes, but it also gives criminals and pirates these same tools.
“This helps users and attackers, but at the moment, attackers are playing faster,” said Halder Nowsweek.
“The AI does not simply speed up attacks by brute force; it is the decoding of password models, the content of phishing generating automatically and simulates human behavior more convincing than ever.
“On the other hand, the AI also helps defenders – to identify asset attacks of real -time identification information to alert users when their passwords are weak or reused. But we cannot let AI be a dressing.
“The real jump will come to cease to count on passwords and move to a continuous contextual authentication fueled by the behavior, biometrics and identity of the devices, not only the secrets.”
Kurdziolek was also prudent of AI, and said that criminals used it to break passwords more and more quickly.
“The AI reshapes the password safety landscape on both sides of the equation. For everyday users and defenders, AI helps detect suspicious connections, attempts to paddle identification information faster and the power of authentication methods without smarter password such as biometrics.
“But the attackers also use AI to break the passwords faster thanks to automated attacks by brute force and to develop more convincing phishing patterns that steal first.
“In the end, the AI makes a strong password hygiene and the protection of even more critical secrets. Replacing or completing passwords with multi-factor authentication or without password is an intelligent step, but it is just as important to discover identification information and hidden secrets that attackers could exploit.”
