{"id":771,"date":"2020-07-14T19:50:32","date_gmt":"2020-07-14T19:50:32","guid":{"rendered":"https:\/\/www.limetreelabs.com\/blog\/?p=771"},"modified":"2020-07-14T19:50:48","modified_gmt":"2020-07-14T19:50:48","slug":"5-password-alternatives-that-are-changing-how-we-login","status":"publish","type":"post","link":"https:\/\/www.limetreelabs.com\/blog\/5-password-alternatives-that-are-changing-how-we-login\/","title":{"rendered":"5 Password Alternatives That Are Changing How We Login"},"content":{"rendered":"\n<figure class=\"wp-block-image size-large\"><img data-opt-id=1650470717  fetchpriority=\"high\" decoding=\"async\" width=\"801\" height=\"520\" src=\"https:\/\/mlqqfyvmtktq.i.optimole.com\/w:auto\/h:auto\/q:mauto\/f:best\/https:\/\/www.limetreelabs.com\/blog\/wp-content\/uploads\/2020\/07\/password-alternatives.png\" alt=\"password alternatives\" class=\"wp-image-772\" srcset=\"https:\/\/mlqqfyvmtktq.i.optimole.com\/w:801\/h:520\/q:mauto\/f:best\/https:\/\/www.limetreelabs.com\/blog\/wp-content\/uploads\/2020\/07\/password-alternatives.png 801w, https:\/\/mlqqfyvmtktq.i.optimole.com\/w:300\/h:195\/q:mauto\/f:best\/https:\/\/www.limetreelabs.com\/blog\/wp-content\/uploads\/2020\/07\/password-alternatives.png 300w, https:\/\/mlqqfyvmtktq.i.optimole.com\/w:768\/h:499\/q:mauto\/f:best\/https:\/\/www.limetreelabs.com\/blog\/wp-content\/uploads\/2020\/07\/password-alternatives.png 768w\" sizes=\"(max-width: 801px) 100vw, 801px\" \/><\/figure>\n\n\n\n<p>Many software and technology companies have innovated in the area of password protection\u00a0and are creating easier-to-use alternatives. Apple&#8217;s &#8220;Face ID&#8221; which uses biometric scanning\u00a0to unlock your phone is probably the most widely used of these innovations.<\/p>\n\n\n\n<p>Passwords are a&nbsp;pretty laughable&nbsp;method of authentication and can be scooped up by scammers pretty easily\u2014from sheer brute force to simple phishing. Here are some password alternatives along with the pros and cons of each.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Two-Factor Authentication<\/h2>\n\n\n\n<p>What you really need is a second way to verify yourself. That&#8217;s why many internet services, a number of which have felt the pinch of being hacked, offer&nbsp;<strong>two-factor authentication<\/strong>. It&#8217;s sometimes called 2FA, or used interchangeably with the terms &#8220;two-step&#8221; and &#8220;verification&#8221; depending on the marketing.<\/p>\n\n\n\n<p>2FA increases the safety of&nbsp;online accounts by requiring&nbsp;two types of information from the user, such as a password or PIN, an email account, an ATM card or fingerprint, before the user&nbsp;can log in. The first factor is the password; the second factor is the additional item.<\/p>\n\n\n\n<p>Used on top of the regular username\/password verification, 2FA bolsters security by making it more difficult for intruders to gain unauthorized access\u2014even if a perpetrator gets past the first authentication step.<\/p>\n\n\n\n<p>The downsides to 2FA are increased login time, integration, and maintenance. These can feel like a chore, but the increased security is well worth the effort.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Biometrics<\/h2>\n\n\n\n<p><strong>Biometrics<\/strong> are physical or behavioral human characteristics to that can be used to digitally identify a person to grant access to systems, devices or data.<\/p>\n\n\n\n<p>Examples of these biometric identifiers are fingerprints, facial patterns, voice, or typing cadence. Each of these identifiers is considered unique to the individual, and they may be used in combination to ensure greater accuracy of identification.<\/p>\n\n\n\n<p>Biometric authentication is convenient, but privacy advocates fear that biometric security erodes personal privacy. The concern is that personal data could be collected easily and without consent.<\/p>\n\n\n\n<p>The risks are real, but biometric technology still offers very compelling solutions for security, as the systems are convenient and hard to duplicate.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Magic Links \/ OTP<\/h2>\n\n\n\n<p><strong>Magic links<\/strong> are a kind of authenticated URL, which you send to the user in the form of an SMS\/email that helps them log in to the system with just one click of the link without any human interaction (no need for the user to enter username and password).<\/p>\n\n\n\n<p>It\u2019s clear what the advantages of <a href=\"https:\/\/www.microsoft.com\/en-us\/security\/business\/identity\/passwordless\">passwordless<\/a> authentication are. In theory, a passwordless world means you don\u2019t have to remember any passwords. Apps you trust log you into other apps, and when that fails, email and SMS come to the rescue.<\/p>\n\n\n\n<p>The issue with passwordless authentication is the same as reusing passwords; if a malicious third party gains access to your login apps or your email, then they can access all of your accounts.<\/p>\n\n\n\n<p>This means that whether you\u2019re using passwords or passwordless authentication, activating a second factor to log into accounts is still crucial.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Physical Keys<\/h2>\n\n\n\n<p><strong>Physical keys<\/strong> are small physical devices that plug into a USB port on your computer and works with the Chrome browser and platforms that enable it (like Google, Facebook, GitHub, Dropbox). You can carry it on a keychain like a regular key.<\/p>\n\n\n\n<p>Security keys protect you against phishing. If someone doesn\u2019t have the physical key, they can\u2019t log in as you. Google Authenticator generates a numerical code, which could potentially be phished. Both are safer than using a login code sent to you over SMS.<\/p>\n\n\n\n<p>The downside is that if you lose the both the security key and the recovery code, you\u2019ll need to prove your identity to the site\u2019s satisfaction. What this means will be different for each site. Expect to spend a lot of time on the phone.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">SSO<\/h2>\n\n\n\n<p>Single sign-on (<strong>SSO<\/strong>) is a\u00a0session and user authentication service\u00a0that permits a user to use one set of login credentials\u2014for example, a name and password\u2014to access multiple applications.<\/p>\n\n\n\n<p>The upsides to SSO include reducing password fatigue, simplifies username and password management, and improves identity protection. When changes of personnel take place, SSO reduces both IT effort and opportunities for mistakes. Employees leaving the organization relinquish their login privileges.<\/p>\n\n\n\n<p>One of the challenges of SSO is that extra-strong passwords must be enforced. SSO can also take longer than expected to set up. Each environment is different, so added steps in implementation can crop up.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Another Day, Another Password<\/h2>\n\n\n\n<p>Our daily interactions with tech require us to <a href=\"https:\/\/www.limetreelabs.com\/blog\/it-security-101\/\">consider security<\/a>. More and more of both our business and personal data is being uploaded onto apps, file-shares, and other cloud applications. Don&#8217;t you think it&#8217;s worth safeguarding that data? These password alternatives will give you options that make your life easier while protecting you and your data.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Many software and technology companies have innovated in the area of password protection\u00a0and are creating easier-to-use alternatives. Apple&#8217;s &#8220;Face ID&#8221; which uses biometric scanning\u00a0to unlock your phone is probably the most widely used of these innovations. Passwords are a&nbsp;pretty laughable&nbsp;method of authentication and can be scooped up by scammers pretty easily\u2014from sheer brute force to [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":772,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"om_disable_all_campaigns":false,"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"_uf_show_specific_survey":0,"_uf_disable_surveys":false,"_genesis_hide_title":false,"_genesis_hide_breadcrumbs":false,"_genesis_hide_singular_image":false,"_genesis_hide_footer_widgets":false,"_genesis_custom_body_class":"","_genesis_custom_post_class":"","_genesis_layout":"","footnotes":""},"categories":[45],"tags":[72,125,147],"class_list":{"0":"post-771","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-cyber-security","8":"tag-cybersecurity","9":"tag-it-security-2","10":"tag-password-alternatives","11":"entry"},"_links":{"self":[{"href":"https:\/\/www.limetreelabs.com\/blog\/wp-json\/wp\/v2\/posts\/771","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.limetreelabs.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.limetreelabs.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.limetreelabs.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.limetreelabs.com\/blog\/wp-json\/wp\/v2\/comments?post=771"}],"version-history":[{"count":2,"href":"https:\/\/www.limetreelabs.com\/blog\/wp-json\/wp\/v2\/posts\/771\/revisions"}],"predecessor-version":[{"id":774,"href":"https:\/\/www.limetreelabs.com\/blog\/wp-json\/wp\/v2\/posts\/771\/revisions\/774"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.limetreelabs.com\/blog\/wp-json\/wp\/v2\/media\/772"}],"wp:attachment":[{"href":"https:\/\/www.limetreelabs.com\/blog\/wp-json\/wp\/v2\/media?parent=771"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.limetreelabs.com\/blog\/wp-json\/wp\/v2\/categories?post=771"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.limetreelabs.com\/blog\/wp-json\/wp\/v2\/tags?post=771"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}