Do you suffer from password rage? It is a condition that afflicts people who have too many passwords, frequently forget their login information, and succumb to a number of side effects, which include crying, screaming, and banging their heads on their desks.
WiActs is a company based out of San Francisco, California, and they are trying to achieve 100% eradication of password rage in the near future. How? They're getting rid of passwords.
It should be noted that their driving motivator is not the frustration that passwords cause; it is the immense security risk that passwords create, but that is still good news for everyone. As their homepage prominently notes, this is "Identity Management For the Future".
"We conducted a survey of working professionals and asked them about their password security practices," said Yaser Masoudnia, CEO of Wiacts. "Over 98% of respondents admitted to using the same password for more than one of their business accounts, and 86% said that they sometimes use the same password for their personal profiles as they do for their work profiles."
Password security breaches are a very serious problem for today's businesses. Verizon's 2015 Data Breach Investigations Report (DBIR) estimated the net loss from data breaches last year at over $400 million. For a visual understanding of the impact these breaches can have, this timeline of the biggest breaches of the last decade is compelling.
While not every data breach is caused by poor password security, hackers are constantly on the prowl for the keys to valuable stores of data. It is little wonder that companies like LastPass, a password storing service that was hacked in June, 2015, are frequent targets for hackers. In fact, Verizon's 2014 DBIR said as many as two thirds of all hacks were made possible by misused or stolen credentials.
Masoudnia says that the market is responding to this vulnerability and pivoting towards solutions like WiActs. WiActs is able to totally eliminate the need for passwords by utilizing a device that everyone carries with them at all times: their phones. Here is how it works:
All of this takes about 5 to 10 seconds.
The system, which may sound confusing to people who have used passwords their whole lives, is the new standard in bullet proof security. Masoudnia is quick to point out a couple of unique features. First, your fingerprint is not recorded by WiActs, it is only locally verified by your device, meaning that no one can use it to hack into the system. And second, every phone has a unique signature built into its software, and when that is combined with a randomly generated code every time you login, it makes the transmission theoretically impossible to hack.
At the end of the day, no combination of upper and lower case, numbers, and special characters can make a password totally secure. Passwords become insecure when people write them down, share them with others, or copy them across multiple accounts.
The first to experience the shift to password-less authentication will be those in the corporate world, particularly finance, where data breaches can cost tens of millions of dollars. WiActs is already working with large banks and government clients to renovate their ID management.
How long will it be before you can login to Facebook by scanning your thumb? That is anyone's guess. But the era of passwords is almost certainly drawing to a close.