What would the future look like without passwords, and when might it happen

Managing your passwords online can be a chore.

Create this kind of long and complex passwords Best deterrent to internet thieves – especially for Dozens of different accounts online – It can be boring. But it is necessary, bearing in mind that Record of data breaches in the US last year.

That’s why it’s so tempting to dream of a future where no one has to constantly update and change passwords online to stay ahead of hackers and keep data safe. Here is the good news: The biggest names in the technology world They already say that the dream of a passwordless Internet is close to becoming a reality. Apple, Google and Microsoft are among those trying to pave the way.

In this hopeful future, you still have to prove your identity to gain access to your accounts and information. But at least you won’t have to remember endless strings of unique eight-character (or longer) passwords, right?

Well, maybe not quite. The answer is still a bit complicated.

What fewer password options actually exist?

In theory, removing passwords from the cybersecurity equation cancels out what was previously Call Homeland Security Secretary Michael Chertoff “By far the weakest link in cybersecurity.” More than 80% of data breaches are the result of weak or compromised passwords, According to Verizon.

in September, Microsoft announced Its users can use a full password to access services like Windows, Xbox and Microsoft 365. Microsoft users can alternatively use options like Windows Hello or Microsoft Authenticator appswhich uses fingerprints or facial recognition tools to help you log in securely.

Microsoft also allows users to sign in with a verification code sent to your phone or email, or with a physical code safety key – It’s like a USB drive – it plugs into your computer and features encryption that’s unique to you and your device.

Joy Shek, Microsoft’s Vice President of Identity, wrote in September Company blog post Those tools are like Two-factor documentation It has helped improve the security of user accounts in recent years – but hackers can still find ways to get around these extra measures. “As long as passwords are still part of the equation, they are vulnerable,” she wrote.

similarly, Google sells physical security keysand his Smart Lock app It allows you to click a button on your Android or iOS device to sign in to your Google account on the web. In May 2021, the company said that these tools were part of Google’s work toward “creating a future where you’ll one day never need a password.”

Apple devices have used Touch ID and Face ID features for several years. The company also develops files Passkey feature Allows you to use the same facial or fingerprint recognition tools to create files Recordings without password for apps and accounts on your iOS devices.

So, in a sense, there is already a future without a password here: Microsoft says Nearly 100% of company employees use passwordless options to log into company accounts. But getting every company to offer passwordless options to employees and customers will certainly take some time — and it may take a while before everyone feels safe enough to ditch passwords in favor of something new.

This isn’t the only problem either.

How safe are they?

Getting rid of passwords completely isn’t without risks.

First, hackers can intercept verification codes sent via email or text messages. Even scarier: Hackers have demonstrated the ability to trick fingerprint and facial recognition systems, sometimes by Your vital data stolen. Although it can be annoying to change your password, it is difficult to change your face or fingerprints.

Second, some no-password options today still require you to create a PIN or security questions to back up your account. This is not much different from having a password. In other words, tech companies have not yet mastered the technology.

And third, there is the issue of widespread adoption. Like wired Last year pointed out, most passwordless features require you to have a smartphone or some other type of device that’s fairly new. And while the vast majority of Americans own a smartphone, these devices vary widely in terms of age and internal hardware.

In addition, tech companies still need to make online accounts accessible across multiple platforms, not just on smartphones – as well as for people who don’t own smartphones at all, about 15% from the United States

In other words, it will likely be some time before passwords are completely extinct. Enjoy typing long, complex character strings into login boxes while you can.