Biometrics As a Security Panacea? Far from It!

Passwords are a fundamental part of a factor authentication strategy and will continue to be so for years to come

Stop thief!

The seemingly easy theft of biometric data is not necessarily new. Just over two years ago the U.S. Office of Personnel Management (OPM) admitted that upwards of 5.6 million unique biometric identifiers - fingerprints - of federal employees were swiped in a massive server breach. With the blame-game pointing fingers at possible national governments as the sources of the hack, such a government may now possess the fingerprint biometric ID of various U.S. government officials – an ID that can no more be changed by the victim than they could change the color of their eyes. By contrast, a stolen or compromised password can be instantly replaced by a new password.

While these and other stories emerge of the failings of biometric-based security systems to protect sensitive personal data on their own, some of the best and brightest in the entire high-tech field are doing their part to boost the effectiveness of the tried and true password.

At the recent Consumer Electronics Show (CES), the Wi-Fi Alliance, which sets voluntary safety standards for all wireless devices, announced a new and safer Wi-Fi to be unveiled later this year. The Alliance consists of major tech players like Microsoft, Apple, Samsung, Intel, and Cisco. The Alliance is promoting the new Wi-Fi Protected Access 3 (WPA3) standards with a core belief that passwords are at the heart of protection, and the new standards will offer very strong data protection even when some users defer to notably bad and easily hacked passwords, such as 12345.

No substitute for strong passwords

In actuality there are several very good reasons why strong passwords are a fundamental part of a factor authentication strategy and will continue to be so for years to come. For one thing passwords can be changed from time to time. That is obviously not the case with fingerprint or facial or iris recognition.

Also, because strong passwords exist only in the mind of the user, or are more effectively held in a comprehensive password management solution, they are highly resistant to most attacks based on attempts at compromising passwords.

And data is generally encrypted for the utmost in security. Encryption requires a cipher key to decrypt, a key that can only be derived from a strong password typed precisely (or entered by the password management solution).
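To make the two properties above concrete (the key exists only if the password is entered exactly, and a compromised password can be replaced), here is an added Python sketch that is not from the article or any product it mentions. It assumes PBKDF2-HMAC-SHA256 with a demo iteration count, and a one-time XOR pad standing in for a real AEAD key wrap; the function names are hypothetical.

```python
import hashlib
import hmac
import os

ITERATIONS = 200_000  # assumed PBKDF2 work factor for this demo; tune for real hardware


def _derive(password: str, salt: bytes) -> tuple[bytes, bytes]:
    """Stretch the password, then split the result into a wrap pad and a MAC key."""
    master = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, ITERATIONS)
    pad = hmac.new(master, b"wrap", hashlib.sha256).digest()
    mac_key = hmac.new(master, b"mac", hashlib.sha256).digest()
    return pad, mac_key


def wrap(data_key: bytes, password: str) -> dict:
    """Protect a 32-byte data key under a password. The XOR pad is used once per
    fresh salt and stands in for a real AEAD key wrap (assumption of this sketch)."""
    if len(data_key) != 32:
        raise ValueError("data key must be 32 bytes")
    salt = os.urandom(16)
    pad, mac_key = _derive(password, salt)
    wrapped = bytes(a ^ b for a, b in zip(data_key, pad))
    tag = hmac.new(mac_key, salt + wrapped, hashlib.sha256).digest()
    return {"salt": salt, "wrapped": wrapped, "tag": tag}


def unwrap(record: dict, password: str) -> bytes:
    """Recover the data key; any deviation in the password fails the tag check."""
    pad, mac_key = _derive(password, record["salt"])
    expected = hmac.new(mac_key, record["salt"] + record["wrapped"], hashlib.sha256).digest()
    if not hmac.compare_digest(expected, record["tag"]):
        raise ValueError("wrong password or tampered record")
    return bytes(a ^ b for a, b in zip(record["wrapped"], pad))


def rotate(record: dict, old_password: str, new_password: str) -> dict:
    """Replace a compromised password: re-wrap the same data key under a new one."""
    return wrap(unwrap(record, old_password), new_password)


if __name__ == "__main__":
    key = os.urandom(32)  # constructed sample data key
    old, new = "correct horse battery staple", "new-passphrase-after-breach"
    rec = rotate(wrap(key, old), old, new)
    print(unwrap(rec, new) == key)
```

After `rotate`, the stored record no longer opens with the old password, while the encrypted data itself never has to be re-encrypted; a fingerprint template offers no equivalent step.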

Seen this way, it is clear that biometrics are certainly convenient and growing in popularity, but cannot on their own be the primary and only defense against hacking. They are, however, an effective second or third component of multi-factor authentication.

Finally, survey after survey, including the recent one from Keeper, shows continued poor password hygiene by many end users, such as the use of weak passwords, the use of strong passwords that are frequently forgotten, or the use of the same passwords for access to different systems, devices, and sites. Users are well aware of the consequences of doing so, such as having to give up on online purchases when passwords are forgotten and cannot be easily retrieved.


The simple and readily available and often free solution to all this is a comprehensive password management solution. Experience has shown these solutions can make proper password usage the norm, and greatly limit if not eliminate most of the successful attacks caused by weak passwords. Users need remember but one and only one password to unlock the underlying system that then generates and uses highly complex, strong passwords that are virtually unhackable.

Yes, biometrics are becoming more mainstream, but it's important for the public to understand the difference between security and convenience. Every individual user and organization has a different level of risk aversion. Biometrics cannot provide security on their own merit, and a strong password management strategy is critical in preventing cyber attacks and data theft. The pairing of a comprehensive password management solution with a biometric solution offers the highest levels of data security in an increasingly dangerous cyber world.

