Strategy: Passwords Don't Work. Now What?
No Easy Answers
Attacks, breaches, keyloggers -- it's pretty easy these days for just about anyone to get access to passwords, whether one at a time or by the handful. Despite this, passwords remain the ubiquitous method for online security.
Why? Well, in part, because it's a huge challenge to find the right balance between security and usability. Make it too difficult for users and we put up unreasonable obstacles; make it too easy and we're left vulnerable to attacks.
In search of a viable alternative, we turned to security experts, whose ideas include biometrics, public key infrastructure and two-factor authentication. We discuss the pros and cons of each approach and look at research into the password habits of computer users. (S6360113)