Slashdot Mirror

← Back to Stories (view on slashdot.org)

Why Are We Still Using Passwords? (securityledger.com)

Posted by EditorDavid on from the fake-credentials dept.

Here's some surprising news from the Akamia Edge conference. chicksdaddy writes: [E]xecutives at some of the U.S.'s leading corporations agreed that the much maligned password won't be abandoned any time soon, even as data breaches and follow-on attacks make passwords more susceptible than ever to abuse, the Security Ledger reports. "We reached the end of needing passwords maybe seven years ago, but we still use them," said Steve Winterfeld, Director of Cybersecurity, at clothing retailer Nordstrom. "They're still the primary layer of defense."

"It's hard to kill them," noted Shalini Mayor, who is a Senior Director at Visa Inc. "The question is what to replace them with." This, even though the cost of using passwords is high and getting higher, as sophisticated attacks attempt to compromise legitimate accounts using so-called "credential stuffing" techniques, which use automated password guessing attacks against web-based applications... Stronger and more reliable alternatives to passwords already exist, but the obstacles to using them are often prohibitive. Shalani Mayor said Visa is "looking at" biometric technologies like Apple's TouchID as a tool for making payments securely. Such technologies -- from fingerprint scans to facial and retinal scans -- promise more secure and reliable factors than alphanumeric passwords, the executives agreed. But customers often resist the technologies or find them error prone or too difficult to use.

15 of 209 comments (clear)

  1. Those... arenâ(TM)t more secure by Anonymous Coward · · Score: 4, Insightful

    Biometrics are not more secure than passwords - theyâ(TM)re less secure but sufficiently more convenient that you can convince people to use them.

    We still use passwords because theyâ(TM)re still the most secure way of authenticating your identity when combined with a second factor.

    1. Re:Those... arenâ(TM)t more secure by nitehawk214 · · Score: 5, Funny

      Like passwords with unicode in them. Impossible to share via Slashdot.

      --
      I'm a good cook. I'm a fantastic eater. - Steven Brust
    2. Re:Those... arenâ(TM)t more secure by fahrbot-bot · · Score: 5, Informative

      Biometrics are not more secure than passwords - they're less secure but sufficiently more convenient that you can convince people to use them.

      A fingerprint is more convenient until the moment you get a blister (or some other damage) on your finger(s), then you're locked out. Seems unlikely? When I got a job at the NASA LaRC way, way back, I had to get fingerprinted, but couldn't because I had been working on my car that week and my hands and fingers were all beat up. I had to wait a week for them to clear up enough to get processed.

      --
      It must have been something you assimilated. . . .
  2. Biometrics arenâ(TM)t secure... by Anonymous Coward · · Score: 5, Insightful

    If I ever get arrested or stopped at the airport, my phone could be unlocked by forcing my finger on the button or scanning my face(iPhone X). So without a password, biometrics can trivially compromise your security against state/pseudostate actors when they have physical access to you. At least with a passcode they have to observe some sort of due process to coerce you.

  3. customers often resist the technologies by Jamlad · · Score: 4, Insightful
    because as everyone with half a brain realizes that biometrics are a fucktarded method of authentication. A keyword gets exposed, fine. Change it. Your fingerprint gets exposed? How are you going to revise that?

    The best method of authentication, as far I I've experienced, is a physical token (keycard). Worst case scenario, I don't notice it's missing after two days (Friday evening till Monday morning). Chances are I've dropped in a city centre rather than haven it exploited by an unknown agency. Even still, they;ve only got the physical credentials of a low-tier employee. On-site physical access is still required.

  4. Give up anonymity if it saves just one life by elainerd · · Score: 5, Insightful

    Clearly we need to replace passwords with a chip or mark or tattoo in the palms of the hands and on the foreheads / retinas, etc. Then we need to make sure that people can't buy or sell without taking these marks on themselves. Naturally cash will have to be eliminated. This way we can control and identify what the people spend their money on and we can use this information to further oppress and bind them down into abject bondage and suffering. Yep, that's the ticket. No more anonymity, all must bow down and accept the will of Evil. Every citizen a slave.

      "A jackboot stamping on a human face forever"-Orwell or Huxley, i forget and am too lazy to search.

    --
    Faith: Belief in Truth. Superstition: Belief in Falsehood.
  5. Oh FFS, not this crap again by Anonymous Coward · · Score: 5, Insightful

    We use passwords because it's something you know AND SOMETHING YOU CAN CHANGE WHEN COMPROMISED.

    You cannot change your fingerprints or other biometric data so when it's compromised or when technology advances in a way which allows the biometric sensors to be fooled then you are completely and totally stuffed. :-(

    Do the people proposing this ever have _ANY_ real world experience at all ?

    Oh, and yes, using biometric data allows intelligence agencies, who will likely be able to obtain that information in various ways, to pretend to be you when they want to compromise systems you control.

  6. Steal all the biometric files by jfdavis668 · · Score: 4, Insightful

    Instead of breaking in and stealing passwords, break in and steal all the biometric files. Your fingerprint may be unique, but to identify you I have to have a copy. If someone steals that copy, you are now compromised in a way you can't correct. You can't change your fingerprint every 60 days.

  7. because.. by epyT-R · · Score: 4, Informative

    1. They aren't tied to biometrics, which once compromised, aren't easily changed. Plus, many people find it instinctively invasive, possibly because of that reason. In contrast, passwords/x509 are easily changed when when compromised or forgotten.

    2. Biometrics work as authenticators but not as authorizers.. Nothing stops someone from duplicating your biometric properties (pic of your fingerprints or irises/face) without your authorization. Not so with a password.

  8. The answers by Okian+Warrior · · Score: 4, Interesting

    The answers are pretty obvious.

    Firstly, we still use them because there's no reasonable replacement. Duh.

    Secondly, there's no reasonable replacement because of the way our computers work.

    Passwords are essentially information held in a system outside the computer (your head), that can be used for verification. The problem is that humans aren't really good at remembering passwords, and we need so many of them, and they are infrequently needed.

    All attempts at using computers to solve this issue have run afoul of the "general purpose computer" problem: because our computers do not address security properly, we cannot guarantee what software is running on the local hardware. We cannot guarantee the security of passwords held on the computer, or in an encrypted file, because it's so easy to download and run malware. No one keeps track of all the things run on the computer, and we can't even trust the people who supposedly *do* keep track.

    One reasonable solution is to use hardware specific to the purpose that's *not* a general purpose computer.

    If you had a piece of hardware - a thumb drive, for example - that was *not* general purpose and could not download and execute code, then that could be made pretty secure. It could hold a person's private key, have functions to encrypt, decrypt, and sign documents, and also pass out the public key. It could also download and install new keys, with the understanding that the base functions could not be changed.

    There's some details involved: you need a way to securely backup the data, and you need a way to securely recover the data in various situations. Mostly, you need to save the data somewhere safe and write down a master password (one, a PIN of sorts) somewhere else.

    The Mooltipass is pretty close. It generates strong passwords for each web site registration, and will fill in the fields for you when you go to log in.

    That's not the complete solution, however. It should *encrypt* the password with the user's private key and the site's public key so that no one can view it(*), or even better use a zero-knowledge authentication process.

    If we could somehow begin using a fixed-program computer - say, something the size of a credit-card calculator that requires a pin and that holds the information for *all* the cards in your wallet - we could get away from passwords.

    We would also have a single point on which we could put *all* our effort to make secure.

    Hypothetically, that one card would reduce credit card fraud to near zero. When you use the card you enter your PIN on the keypad, and the card generates a ShopSafe number tied to your credit account, valid for one purchase.

    Take a look at the badges at high-tech conferences these days. It seems like the hardware shouldn't be that hard or expensive.

    Could this be the next killer product from Apple? A hand-held thingy that's secure and ultra-convenient, that you use for payments (IRL and online) and password entry?

    (*) Yes, ssh is not absolutely secure. Did you think all those cert authorities in your browser have been properly vetted?

  9. Sometimes the first impulse is right by goombah99 · · Score: 5, Insightful

    think of them as a mutable biometric. it's biometric because its stored in your brain. It's mutable because you can change it. it can't actually be stolen from you if you don't give it up or write it down.

    it's only when you go to transmit it that the problem occurs.

    When you look at this this way, then you see that things like finger prints or retina have the same problems and worse. they are not mutable, they can be taken from you without you knowing it, and the transmission layer is still vulnerable

    Nearly always, your first solution to a problem is the best one. Not always of course or there would be no need to research and study. But people have been using passwords for milennia because they are an effective tool that works from giving something to the sentry, to logging into google.

    --
    Some drink at the fountain of knowledge. Others just gargle.
  10. SLASHDOT: FIX YOUR CODE MANGLING!!! by goombah99 · · Score: 4, Informative

    people who post to slashdot from iphones and such get all of their apostrophes turned into å(TM)t â(TM)t

    THis is 2017, it's possible to parse plain text and unicode correctly now I have read.

    --
    Some drink at the fountain of knowledge. Others just gargle.
  11. and the biometrics can change by swschrad · · Score: 4, Insightful

    accident damage, surgery, degredation of the eye are some of the ways you can be locked out of a biometric identifier. as the population ages, this is an issue that you need to think about. I will not use bios for this reason, as for some reason, I am not getting younger and more invulnerable.

    --
    if this is supposed to be a new economy, how come they still want my old fashioned money?
    1. Re: and the biometrics can change by Anonymous Coward · · Score: 4, Insightful

      Passwords are âoesomething you knowâ, and would be impossible to hack, or obtain, since itâ(TM)s metaphysical and in your brain. The trouble with passwords is inconsistency and bad practice.

      Expiring passwords was recently deemed a bad idea by NIST, since it leads users to simple patterns and incremental changes of least-complexity allowed.

      Furthermore, any system which allows arbitrarily large guesses is weak, not the password itself. It doesnâ(TM)t matter if itâ(TM)s biometric, passwords, tokens, sms messages, anything. All these systems send binary numbers representing the measured input, and I can code a computer to log in using random or incremental data. With enough guesses, Iâ(TM)m going to be right. The only defense is a system where wrong guesses locks accounts, and a different form of identification is required. The iPhone does this best IMHO. You can use your finger only a half dozen times incorrectly before it moves to passcode. 10 wrong tries with that, and wipe. Go back to your backups.

      Itâ(TM)s astonishing how well it works, contrasted with how poorly the rest of Appleâ(TM)s authentication mechanisms work.

      The other problem is systems which store the plain-text of passwords. When a site gets hacked with users and passwords, they werenâ(TM)t using a one-way hash, with a good user-unique salt, and the passwords are now compromised. Since uses tend to repeat a password over multiple services, your password is now only as strong as the weakest system. This is where two-factor comes in to play. A few wrong two-factors and the account should get locked, and the password should be expired.

      Good systems will lock after too many bad tries, and passwords should be two-factored so reused passwords that were exposed online are rendered ineffective.

  12. Because by markdavis · · Score: 4, Insightful

    >"Why Are We Still Using Passwords? "

    Because they are cheap, generally convenient, proven, and understood. Passwords actually work quite well *IF* they are managed correctly. And despite the summary, dictionary attacks are generally useless when servers are configured correctly.

    For high security, when necessary, combining a password with a token of some sort is extremely effective.