Over time, the password as an authentication system seems more and more has-been.
While many users have less and less confidence in its level of security, companies are already advocating a future without passwords.
But who will be his successor?
20 minutes
met with experts to try to imagine the rest.
The password is dead, long live the password!
With digitalization advancing and all the risks that go with it, the sacrosanct password seems to be a thing of the past.
No more question for users to use their date and place of birth to connect to a social network or to their bank account.
Now, everyone is (or almost) aware of the risks, including cyberattacks.
“I used to have the same password everywhere.
One day, I received an email with my password copied/pasted in it.
Since then, I'm careful, I create a generic password and add the name of the website in it.
Thus, the day when I would receive a fraudulent e-mail giving me my password against money, I would know from which site it was stolen”, entrusts one of our readers.
A simple barrier on a website, the password increases the user's vulnerability to the risk of cyberattacks.
"One of the most common mistakes people make is to reuse the same username and password on multiple sites and devices," warns the latter, who recommends "not to use passwords that are too short and to diversify them according to the sites, so as not to become the ideal victim”, analyzes Loïc Guézo, director of cybersecurity strategy.
consumer biometrics
According to critics of the password, the future of authentication is played on the side of biometrics, either by facial recognition or by fingerprint.
“The evolution of biometric recognition technologies has greatly improved and now provides a very high and almost unalterable level of security.
They have even been widely accepted by the general public”, emphasizes Ismet Geri, general manager of Véridium, a company specializing in this field.
He advocates the "Passwordless" [without password], an identification system based solely on biometrics.
At the level of the general public, the best example is none other than the facial recognition implemented by Apple's “Face ID” system.
A much more ergonomic solution, according to experts, which facilitates the user experience, while drastically reducing security risks.
Because if these biometric technologies have a cost, the benefits in terms of security justify these more modern systems.
"When you take into account the total cost, password-based solutions are certainly not free," said the director of Veridium.
In a company, for example, resetting a password in case of forgetting or loss could be evaluated between 70 and 150 for each employee per year, according to our interlocutor.
Double authentication
But the transition to all biometrics will not be for now.
"The password is everywhere in the system," warns cybersecurity specialist Loïc Guézo.
Until then, companies are turning to multi-factor authentication (MFA) instead.
This is for example the case of the social network Facebook, which uses a second gateway during identification by sending a code to the user's phone.
Enough to ward off automated bots, the main culprits of these cyberattacks.
high tech
What is the most used password in France?
high tech
LastPass: The password manager was allegedly the victim of a cyberattack
In addition to cybersecurity, an economic consequence?
Beyond the cybersecurity problem, Ismet Geri points to the economic consequences of this authentication system.
Recently, the Netflix streaming site, for example, announced that it wanted to make password sharing chargeable.
Because problem for the platform: allowing the sharing of passwords on different positions has caused a fairly significant loss of its turnover.
"We're not trying to stop people from sharing, but we're going to ask you to pay a little more to do it," predicted Greg Peters, Netflix's chief operating officer at a conference.
By the Web
Password
Cybersecurity
Future(s)
Security
Internet