The Lockdown

Thycotic’s Cyber Security Blog

Passwords and Biometrics. Can they coexist, and should they?

Written by Thycotic Team

August 23rd, 2017

The vision of a biometrics-led future for IT security is breathtaking, but is there a place in the future for passwords? Or are passwords ancient history?

Passwords Need Better Management, Not Replacement

Forget your passwords. They’re ancient history. That’s the message you’ll increasingly see if you keep up with the latest developments in security.

But what is the real impact of innovations like biometrics on the old-fashioned password? Are we really heading to a biometrics-led future, and if so, why should anyone invest in better password and privileged account security now?

The answer is in the fundamentals of best practice around IT security: multi-layered protection that removes any single point of weakness.

Biometrics: the future of authentication

At the end of 2015, 650 million people used biometrics on their smartphones, using technologies like Apple’s Touch ID. By 2020, smartphones are expected to be in the hands of 2 billion users.

It’s not just consumer products. According to BetaNews, 20% of global enterprises have already deployed biometrics – and, as the technology continues to mature, this looks set to grow.

The vision of our biometrics-led future is breathtaking. Every user carries their means of authentication with them at all times—from their eyes to their fingerprints—and verifies their identity with a touch or a glance. It’s faster and easier than any password could ever be.

But is it really more secure? Hackers have already reverse-engineered the fingerprints of high-profile figures like the German defense minister. Meanwhile, Samsung’s face-scanning technology can’t be used to authenticate Samsung Pay purchases—hardly a sign of robust security.

While biometrics are becoming more sophisticated, the reality is that the technology has a long way to go. And, in the event of a breach, a fingerprint or iris is a lot harder to change than a password.

Why passwords are interwoven with new technologies

Innovative new security measures will undoubtedly affect the way we do business and play a key role in making data more secure. But alongside these new technologies, passwords are still likely to play a significant part in security.

By definition, two-factor authentication—considered a vital evolution in the way we secure data—requires two factors to authenticate. Even as one of those factors becomes a fingerprint, an iris, or a machine on the Internet of Things, passwords will remain a familiar, largely unique, and easy-to-rotate variable.

The best security is about layers, not replacing one effective form of protection with another. Innovation isn’t exciting because we can say goodbye to our existing layers of protection: it’s exciting because it adds yet another obstacle for attackers to penetrate before they reach the data that matters.

Passwords need better management, not replacement

Passwords aren’t inherently insecure, but the way many enterprises use and manage their passwords is. That’s why, as we embrace new technology to complement password management, we all need to take the opportunity to make sure we’re getting the basics right.

Bringing your passwords and privileged accounts under your control starts quite simply: list them and check their complexity. Across your shared logins, service accounts, default accounts and passwords held by machines, auditing your passwords is a vital first step in improving your security.

To help you get started, we have put together a free tool to scan Active Directory and find weak passwords.

Download your Weak Password Finder Tool now to instantly assess and increase your password security.


