The first computer password is believed to have been created in the 1960’s at M.I.T. It was first applied
to CTSS, an early computer with only 27kb of data storage. This computer was considered to be state of
the art in its time, and the password a robust way to keep the data stored within it safe.
A lot has changed in the nearly sixty years since CTSS’ time however, as those early computers evolved
and lead the world into today’s Information Age. Today the average household computer has a data
storage capacity roughly 1 billion times greater than CTSS. Information storage is cheap and readily
available.
With so much more information in circulation today then, why is it that password protection is still
adequate for safeguarding sensitive information?
The answer is simple - it’s not.
The password was created in simpler times and although it was adequate protection for that time the
adoption of more modern protection methods has failed to keep pace with the proliferation of
information technologies.
It is only now, with the increasing examples of security breaches into private data (Sony, JP Morgan,
Home Depot, Ebay etc) that industry leaders are waking up to the need for more robust security
technologies and increasingly adopting Biometric authentication as a solution as it offers a more robust
and secure method of protection.
Advantages of Biometrics over Password Authentication
Uniqueness
The first, and perhaps biggest, advantage Biometric authentication has over password based
authentication is its uniqueness. It is easy to compromise any password based system once an individual
gains access to a user’s credentials. With biometric authentication however, the user IS the
authentication key. Only the user’s unique features can be used to gain access to a system, and by
necessity that user must be present, eliminating the possibility of defeat by Fraud.
Biometric authentication is near impossible to forge, and unlike a password, cannot be shared with
another individual. It can be used in plain sight without risk of compromise, and in no way can be ‘lost’
or ‘stolen’ (like an ID badge).
Additionally, as the authentication key is unique to the user, it can be used to unequivocally link a user
to any transaction or event accessed by the user, something password based authentication cannot
offer.
Scalability
Unlike password authentication, Biometric authentication presents opportunities for scalability much
greater than other means of authentication.
Biometric authentication, especially finger print authentication is amongst the most affordable means of
authentication. The need for infrastructure is minimal, and once a user has been added to a biometrics
driven system there is no need for additional costs related to authentication key change requests and
maintenance (as with password based authentication).
Biometric authentication also does not require a keyboard interface, allowing for it to easily be adapted
for use with other devices outside of a computer system (i.e. Building security, time keeping systems,
banking, etc) while still ensuring security is maintained.
Removes Human Fallibility
Another practical advantage Biometric Authentication offers over Password Authentication is its ease of
use. Unlike a password driven system which requires the user to remember necessary information
which can easily be forgotten, the use of Biometrics authentication means an authorized user can never
be locked out accidentally.
Biometric authentication also eliminates the problems caused by the utilization of the same password
for multiples systems. Although it is not recommended, many users make use of the same password for
multiple systems. Users often use the same password in order to better remember it, especially when
special characters and numerals are required making passwords difficult to memorize.
This opens users up to the possibility that of all systems becoming compromised with the discovery of
just once password.
With Biometrics authentication, however, there is nothing to remember, and no way in which a user’s
credentials can be misappropriated to access a single or multiple systems.
to CTSS, an early computer with only 27kb of data storage. This computer was considered to be state of
the art in its time, and the password a robust way to keep the data stored within it safe.
A lot has changed in the nearly sixty years since CTSS’ time however, as those early computers evolved
and lead the world into today’s Information Age. Today the average household computer has a data
storage capacity roughly 1 billion times greater than CTSS. Information storage is cheap and readily
available.
With so much more information in circulation today then, why is it that password protection is still
adequate for safeguarding sensitive information?
The answer is simple - it’s not.
The password was created in simpler times and although it was adequate protection for that time the
adoption of more modern protection methods has failed to keep pace with the proliferation of
information technologies.
It is only now, with the increasing examples of security breaches into private data (Sony, JP Morgan,
Home Depot, Ebay etc) that industry leaders are waking up to the need for more robust security
technologies and increasingly adopting Biometric authentication as a solution as it offers a more robust
and secure method of protection.
Advantages of Biometrics over Password Authentication
Uniqueness
The first, and perhaps biggest, advantage Biometric authentication has over password based
authentication is its uniqueness. It is easy to compromise any password based system once an individual
gains access to a user’s credentials. With biometric authentication however, the user IS the
authentication key. Only the user’s unique features can be used to gain access to a system, and by
necessity that user must be present, eliminating the possibility of defeat by Fraud.
Biometric authentication is near impossible to forge, and unlike a password, cannot be shared with
another individual. It can be used in plain sight without risk of compromise, and in no way can be ‘lost’
or ‘stolen’ (like an ID badge).
Additionally, as the authentication key is unique to the user, it can be used to unequivocally link a user
to any transaction or event accessed by the user, something password based authentication cannot
offer.
Scalability
Unlike password authentication, Biometric authentication presents opportunities for scalability much
greater than other means of authentication.
Biometric authentication, especially finger print authentication is amongst the most affordable means of
authentication. The need for infrastructure is minimal, and once a user has been added to a biometrics
driven system there is no need for additional costs related to authentication key change requests and
maintenance (as with password based authentication).
Biometric authentication also does not require a keyboard interface, allowing for it to easily be adapted
for use with other devices outside of a computer system (i.e. Building security, time keeping systems,
banking, etc) while still ensuring security is maintained.
Removes Human Fallibility
Another practical advantage Biometric Authentication offers over Password Authentication is its ease of
use. Unlike a password driven system which requires the user to remember necessary information
which can easily be forgotten, the use of Biometrics authentication means an authorized user can never
be locked out accidentally.
Biometric authentication also eliminates the problems caused by the utilization of the same password
for multiples systems. Although it is not recommended, many users make use of the same password for
multiple systems. Users often use the same password in order to better remember it, especially when
special characters and numerals are required making passwords difficult to memorize.
This opens users up to the possibility that of all systems becoming compromised with the discovery of
just once password.
With Biometrics authentication, however, there is nothing to remember, and no way in which a user’s
credentials can be misappropriated to access a single or multiple systems.