We all know how crucial it is to keep our data safe, whether it’s our business secrets or just personal info. Love them or hate them, passwords have always been the way to keep your data secure. And password managers have long been the solution to poor password habits.
But now there’s newer technology, in the form of biometrics and passkeys. So the question is, are passwords still the best choice for securing our information or should we embrace the newer technologies?
According to a recent survey, about 25% of people opt for biometrics like fingerprints. Maybe you are surprised as much as I am at this statistic, since it’s a relatively small fraction of the total and I anticipated it to be higher.
Equally surprising is that about 21% of the people surveyed would rather stick with traditional passwords instead of using biometrics.
Caveat; these are the US numbers. There are UK numbers that are slightly higher and lower at 27% and 19% respectively. But the ballpark is still about the same for both.
Why the hesitation with biometrics?
It’s understandable—data privacy and security are major concerns for everyone.
So, let’s delve a bit deeper into the details.
So, what exactly are biometrics, and why should we consider them a more secure alternative to passwords?
What Are Biometrics?
Biometrics use your unique physical or behavioral traits—like your fingerprints, face, or even your eye scan—to verify your identity. Unlike passwords, which can be forgotten, stolen, or cracked, biometrics bring a whole new level of security to the table.
The Benefits of Biometrics
Biometrics are a powerful weapon in the fight against cyber threats. They’re not only harder to copy than passwords but also offer unparalleled convenience. No more struggling to remember a jumbled mess of letters and numbers—just a quick scan of your fingerprint or face, and you’re good to go.
Security Concerns of Biometrics
As stated, there are a number of people who do not like the idea of using biometrics for security. This can be a valid concern in security, as a breach of biometric data that can’t change would be significantly more damaging than a breach of passwords that can be changed.
However, that’s usually not even an issue. It all depends on where the biometric data is stored and processed. For the most part in this discussion, we are probably all thinking about our phones and their fingerprint scanners or facial recognition features.
That data should be stored, encrypted, and processed all locally on your device. There really isn’t a way to breach that without getting a hold of the phone itself and having significant resources to help with the task.
For the most part, you don’t have anything to worry about with using biometrics on your phone.
Still Not Sold on Biometrics?
If you’re not convinced about biometrics just yet, there’s another option: Passkeys.
We’ve written about Passkeys for a few years now, with the last time being when Google rolled out their Passkey program.
Passkeys offer an alternative to traditional passwords. They use special codes unique to each person and are tough to phish (that’s when someone tries to trick you into giving away your login credentials).
By combining biometrics with passkeys, you can significantly enhance your business’s security without complicating your staff’s lives. In fact, most people find biometrics and passkeys easier to use than passwords.
What’s holding up Passkey adoption?
A few things are holding up the progress of Passkeys.
One is awareness. I’m not sure if you’re even aware or not that passkeys are even an option (hence informative blogs like this one).
Another is infrastructure. It takes time and money to implement the use of Passkeys, especially if you need to ensure that they work with legacy systems and software. That’s the reason we’ve really only seen Big Tech roll out support so far.
Speaking of Big Tech, I’ll criticize them for how they are rolling things out as well. True, Apple, Google, and Microsoft are all in support of passwordless authentication, but they seem to be implementing it in a “walled garden” state. Meaning, while in theory all passkeys are built on the same standard (called WebAuthn), there seems to be limitations, or at the very least a lack of smoothness in the use between companies.
All of this has already gotten better within the last year, so I am confident it will all get there in time.
The Future of Authentication
Passwords may have served us well in the past, but it’s time to embrace new, safer methods of authentication.
Need help implementing biometrics, passkeys, or best practice security? We’re here to assist—get in touch with us today.
