It’s Time To Kill The Password
How to get ready for a passwordless future with Web Authentication
Imagine you had some very valuable jewellery stashed away in a safe somewhere.
The only way to open this safe is to give the code to another person who will then open it for you. You write the code on a piece of paper, put it in an envelope, close it and then give it to this person.
This person also has to walk all the way down the street to get to your safe. On the way there, the code could get lost or even be stolen.
Also, you don’t even know this the person and if he or she can even be trusted.
Would you agree to this kind of security? Doesn’t seem very secure, does it?
The problem here is that the code to open your safe is now a shared secret, and that’s also the problem with passwords.
When you need to login on a website to access your email or bank account, you send your password to the server to prove that you are the person you claim you are.
It’s the only thing that stands between you and your bank account, email or other sensitive data. It’s also the only think that stands between a hacker and your sensitive data.
So if a hacker manages to steal your password or guess it because it’s weak, they can fully access…
