recommended reading

Forget Your Password? No Problem -- Here are 4 Body Parts That Could Authenticate Your Identity Online


First the good news: “password” is no longer the most widely used password. Now the bad news: it’s been knocked off the top spot by “123456.” Banks and online retailers—who have the most to lose from hacks—know that no matter how much they ask users to think up a password with capitals, numbers, characters, and obscure phrases in Tagalog, passwords will always remain weak and prone to hacking.

So if thoughts from inside your head won’t cut it, perhaps actual body parts will. Here what some people think might replace passwords for good:

Your veins

Barclays announced last week it will provide biometric readers to its corporate banking clients from next year. The biometric reader looks like a bank-branded pulse oximeter, the sort of medical device you’re hooked up to when rushed to the hospital. It looks for unique vein patterns in the finger to ensure the person brokering a big deal is, in fact, who they say they are.

Your vocal chords

It’s not the first newfangled technology that Barclays has deployed to try and bolster security. Last year it introduced “voice biometrics”—analysing speech patterns—for its wealth and investment management clients. That system is provided by Nuance, a company best known for producing the Dragon NaturallySpeaking voice-to-text software. It has a 95% success rate in correctly identifying customers (standard security questions are used as a fallback option).

Your hand(writing)

Alibaba, the giant Chinese online retailer, is integrating fingerprint scanning into its Alipay Wallet app. Foxconn, the Taiwanese manufacturer of the iPhone and iPad, threw nearly $5 million at Norway’s NEXT Biometrics, which develops fingerprint scanning technology, back in May. And earlier this month it took a 10% stake for $2 million in AirSig, a Taiwanese company that uses smartphones’ built-in gyroscopes to track air handwriting. The company says AirSig provides three-factor authentication: your signature, your phone, and the way you sign with a flourish in mid-air.

Your friends’ faces

If you don’t particularly care for the idea of using your own body parts, why not use a friend’s? Researchers at the University of York recently tested the theory behind a system that they call “Facelock.” Users pick people known to them but not to the general public. Pictures of these familiar faces replace the password; users are given a selection to choose from. Lab tests show that hackers guess the correct face less than 1% of the time, while legitimate users rarely failed in their recall.

None of these systems are as innovative or infallible as their makers boast. Fingerprint scanners have been attached (pdf) to mainstream consumer electronics for more than a decade, and have often proved temperamental or prone to fakery. Apple’s TouchID on the iPhone 5s was hack-free for a grand total of 48 hours after its release. Signatures can be forged, even if they’re written in mid-air.

But at least nobody’s going to be chopping off fingers: For Barclays’s finger vein technology to work, the finger must be attached to a body. One way or the other, the future of passwords is clear, and it doesn’t involve passwords.

Reprinted with permission from Quartz. The original story can be found here

(Image via ktsdesign/

Threatwatch Alert

Network intrusion

Florida’s Concealed Carry Permit Holders Names Exposed

See threatwatch report


Close [ x ] More from Nextgov

Thank you for subscribing to newsletters from
We think these reports might interest you:

  • Modernizing IT for Mission Success

    Surveying Federal and Defense Leaders on Priorities and Challenges at the Tactical Edge

  • Communicating Innovation in Federal Government

    Federal Government spending on ‘obsolete technology’ continues to increase. Supporting the twin pillars of improved digital service delivery for citizens on the one hand, and the increasingly optimized and flexible working practices for federal employees on the other, are neither easy nor inexpensive tasks. This whitepaper explores how federal agencies can leverage the value of existing agency technology assets while offering IT leaders the ability to implement the kind of employee productivity, citizen service improvements and security demanded by federal oversight.

  • Effective Ransomware Response

    This whitepaper provides an overview and understanding of ransomware and how to successfully combat it.

  • Forecasting Cloud's Future

    Conversations with Federal, State, and Local Technology Leaders on Cloud-Driven Digital Transformation

  • IT Transformation Trends: Flash Storage as a Strategic IT Asset

    MIT Technology Review: Flash Storage As a Strategic IT Asset For the first time in decades, IT leaders now consider all-flash storage as a strategic IT asset. IT has become a new operating model that enables self-service with high performance, density and resiliency. It also offers the self-service agility of the public cloud combined with the security, performance, and cost-effectiveness of a private cloud. Download this MIT Technology Review paper to learn more about how all-flash storage is transforming the data center.


When you download a report, your information may be shared with the underwriters of that document.