Passwords have been around for millennia. But are they still fit for purpose? If not, what should replace them?
Passwords were once simply a way to prove identity: something you know, to prove who you are.
But the move to computer systems, and especially the internet, has caused us to use passwords in a different way. We now use them for access management or more simply, as a key to unlock systems.
This, though, creates a huge overhead for organisations that need to manage access, as well as security risks.
Research suggests that the average enterprise uses between five and six access management tools. At the same time, users are still prone to reusing passwords or choosing weak ones.
Our guests for this episode are John Capps, VP of Infrastructure at Vida Digital, and Ev Kontsevoy, CEO of infrastructure access firm Teleport.
They argue that relying on “secrets” and data to prove identity no longer guarantees security. Instead, we need to look again at tools such as biometrics, identity tokens and one time codes.
Alternatives to passwords, such as zero trust, do have promise. But moving to zero trust needs the whole organisation behind it — it’s as much about culture as technology.
Featured image: Jan Alexander from Pixabay