recommended reading

Forget Your Password? No Problem -- Here are 4 Body Parts That Could Authenticate Your Identity Online


First the good news: “password” is no longer the most widely used password. Now the bad news: it’s been knocked off the top spot by “123456.” Banks and online retailers—who have the most to lose from hacks—know that no matter how much they ask users to think up a password with capitals, numbers, characters, and obscure phrases in Tagalog, passwords will always remain weak and prone to hacking.

So if thoughts from inside your head won’t cut it, perhaps actual body parts will. Here what some people think might replace passwords for good:

Your veins

Barclays announced last week it will provide biometric readers to its corporate banking clients from next year. The biometric reader looks like a bank-branded pulse oximeter, the sort of medical device you’re hooked up to when rushed to the hospital. It looks for unique vein patterns in the finger to ensure the person brokering a big deal is, in fact, who they say they are.

Your vocal chords

It’s not the first newfangled technology that Barclays has deployed to try and bolster security. Last year it introduced “voice biometrics”—analysing speech patterns—for its wealth and investment management clients. That system is provided by Nuance, a company best known for producing the Dragon NaturallySpeaking voice-to-text software. It has a 95% success rate in correctly identifying customers (standard security questions are used as a fallback option).

Your hand(writing)

Alibaba, the giant Chinese online retailer, is integrating fingerprint scanning into its Alipay Wallet app. Foxconn, the Taiwanese manufacturer of the iPhone and iPad, threw nearly $5 million at Norway’s NEXT Biometrics, which develops fingerprint scanning technology, back in May. And earlier this month it took a 10% stake for $2 million in AirSig, a Taiwanese company that uses smartphones’ built-in gyroscopes to track air handwriting. The company says AirSig provides three-factor authentication: your signature, your phone, and the way you sign with a flourish in mid-air.

Your friends’ faces

If you don’t particularly care for the idea of using your own body parts, why not use a friend’s? Researchers at the University of York recently tested the theory behind a system that they call “Facelock.” Users pick people known to them but not to the general public. Pictures of these familiar faces replace the password; users are given a selection to choose from. Lab tests show that hackers guess the correct face less than 1% of the time, while legitimate users rarely failed in their recall.

None of these systems are as innovative or infallible as their makers boast. Fingerprint scanners have been attached (pdf) to mainstream consumer electronics for more than a decade, and have often proved temperamental or prone to fakery. Apple’s TouchID on the iPhone 5s was hack-free for a grand total of 48 hours after its release. Signatures can be forged, even if they’re written in mid-air.

But at least nobody’s going to be chopping off fingers: For Barclays’s finger vein technology to work, the finger must be attached to a body. One way or the other, the future of passwords is clear, and it doesn’t involve passwords.

Reprinted with permission from Quartz. The original story can be found here

(Image via ktsdesign/

Threatwatch Alert

Network intrusion / Software vulnerability

Hundreds of Thousands of Job Seekers' Information May Have Been Compromised by Hackers

See threatwatch report


Close [ x ] More from Nextgov

Thank you for subscribing to newsletters from
We think these reports might interest you:

  • It’s Time for the Federal Government to Embrace Wireless and Mobility

    The United States has turned a corner on the adoption of mobile phones, tablets and other smart devices, outpacing traditional desktop and laptop sales by a wide margin. This issue brief discusses the state of wireless and mobility in federal government and outlines why now is the time to embrace these technologies in government.

  • Featured Content from RSA Conference: Dissed by NIST

    Learn more about the latest draft of the U.S. National Institute of Standards and Technology guidance document on authentication and lifecycle management.

  • A New Security Architecture for Federal Networks

    Federal government networks are under constant attack, and the number of those attacks is increasing. This issue brief discusses today's threats and a new model for the future.

  • Going Agile:Revolutionizing Federal Digital Services Delivery

    Here’s one indication that times have changed: Harriet Tubman is going to be the next face of the twenty dollar bill. Another sign of change? The way in which the federal government arrived at that decision.

  • Software-Defined Networking

    So many demands are being placed on federal information technology networks, which must handle vast amounts of data, accommodate voice and video, and cope with a multitude of highly connected devices while keeping government information secure from cyber threats. This issue brief discusses the state of SDN in the federal government and the path forward.

  • The New IP: Moving Government Agencies Toward the Network of The Future

    Federal IT managers are looking to modernize legacy network infrastructures that are taxed by growing demands from mobile devices, video, vast amounts of data, and more. This issue brief discusses the federal government network landscape, as well as market, financial force drivers for network modernization.


When you download a report, your information may be shared with the underwriters of that document.