6 Types of Secure Mobile Authentication That Aren't a Password
Since the dawn of computers, passwords have been the primary way to confirm the identity of an authorized user and reject unauthorized users who do not know the correct password. At first, passwords were more like pass-phrases with meaning and significance. As hackers got better at guessing someone's password, numbers were introduced, but soon hackers were cracking these too.
Today, passwords are convoluted sequences of unrelated numbers, letters, and characters that have no psychological significance and are ideally difficult for hashing programs to crack. However, they have also become incredibly tedious to type. Especially on a mobile softkey where one must 'switch keyboards' to access all the necessary characters.
No doubt you, your employees, and every member of your company with a heartbeat and thumbs has noticed how tedious it is to enter passwords into a mobile device. And yet, we require regular authentication in order to keep strangers from accessing personal files and proprietary business data. Fortunately, modern mobile devices are making it possible to authenticate employees in new, creative, and far less tedious ways. Here are the top six mobile password alternatives.
1) Retinal Scanning
Mobile phone cameras have become an incredibly high quality in recent years, high enough quality to recognize the eyes of a single user. Some phones already come with a built-in retinal scanning feature that locks the phone except for the one official owner. And scanning the eyes for authentication only takes a second and zero taps on the screen.
2) Fingerprint Scanning
Fingerprint scanning is a technology that has been slowly adopted by industries at all levels for the last decade, and more exclusively long before that. Now, mobile phones can scan, remember, and verify fingerprints as well. While some people's fingers are harder to scan than others, fingerprint scanning can also be guaranteed that no one else will have the same fingerprint as an authorized employee. Not even an identical twin.
3) Photo Sequence Selection
One interesting alternative to passwords that has been tried is photo sequence selection. Start with a 'deck of cards' containing detailed and distinct, but not personally significant images. The employee then pulls out and arranges a few images in a specific order. To authenticate, they are shown the original set of images and must choose 'their images' in the correct order.
It's sort of like the game 'memory' as a password mini-game.
4) Diagram Drawings
Another form of image-password is presented as a grid of dots. At first, the user is asked to draw a picture or diagram by connecting the dots in sequence. They can theoretically make anything from a star to a letter, but the exact dots in the grid used will matter. They must then replicate this drawing precisely to authenticate. With a larger grid (5x5 or bigger), it becomes remarkably difficult for someone else to recall the precise placement of each line.
5) Eye-Spy Selection
For teams that like puzzles, you might consider using an eye-spy form of password, which is an interesting variation of the photo sequence. Rather than several pictures, use one large picture with many small distinct details, like an Eye-Spy or Where's Waldo puzzle. The user then taps a number of specific number of details in order. This adds an additional layer of security because anyone watching the employee use this authentication method would first have to be able to visually distinguish which details are being tapped.
6) Voice Passphrase
Finally, you might consider using currently advancing voice technology as a password solution. Challenge Employees to come up with a distinct passphrase said in a unique way that also won't seem too out of place when performed in public. Using silly voices or even song should be particularly encouraged, these vocal exercises will be harder for anyone else to duplicate. After all, our voices are different due to physical differences between us.
There is a dilemma in the world of business mobility, between accessibility and security. And the biggest resistance against security is the tedious chore of tapping in a password onto a mobile device softkey. By replacing the traditional password with a quick, creative, and secure mobile device alternative, you make it easier for users to have patients re-authenticating every time they pick up their phones. For more expert tips on business communication technology and cyber security, contact us today!