Jean-Claude Elias
Lately a number of online media have been stressing the importance of using longer passwords to protect files and accounts. I would say they are completely missing the point.
The not-so-new news explains in length that passwords that are, typically, 8-character long are not strong enough to protect files and accounts, because smart hackers can break them in a few hours or a few days at most, this by using widely available appropriate computer software. It is therefore recommended to use longer passwords for extra protection and security.
Codes that are, for example, 12-character long are said to be the best for they would take many years to break, even by automatic computer software and are not too hard to memorise. Using more than 12 characters is not necessary, for the extra protection really is not needed, and besides such passwords would be too difficult to remember.
Whereas the above is perfectly correct, it is the entire password concept that should have become obsolete by now.
Asking people to use longer, more complex passwords is tantamount to telling someone who does not make enough money to work for longer hours, instead of telling them to work faster, or more efficiently, or to look for a more rewarding jobة
While using longer passwords does make cracking them harder, it carries with it the inherent weaknesses of the system. Passwords can be forgotten and are a hassle. Now that we have to remember dozens of passwords and codes, forgetting them has become a growing risk. Writing them down on hard copy or saving them in some fancy encrypted digital file is but a partial solution for it only adds to the hassle and the complexity of the system.
Moreover if today’s computers can take years to crack a long password, we can safely bet that tomorrow’s (almost literallyة) machines will be able to do it much faster. Are we going to have to use and remember 20-character passwords in the near future?
The real answer, the only one that makes sense in the digital world we are living in is biometrics. It is the best method to recognise a person and then to authorise access to confidential files and accounts. Recognition by a person’s iris, voice, face or thumbprint is the way to go. These are not the only biometrics of course but the main ones.
Not all biometrics are “created” equal, however. Voice, face and thumbprint recognition have proven to be slow, imperfect and unreliable. As for foolproof biometrics like the DNA they do not work in real time and therefore cannot be considered as a substitute for passwords.
Iris recognition is the only solution that is instant, flawless and absolutely unequivocal. The fact that one’s iris is unique, cannot be forgotten, lost, stolen or copied, or even used after one’s death, ensures an unprecedented, unmatched level of security. The system also is safe and clean for there is no physical contact with the camera that takes a quick snapshot of your iris. The camera is conveniently positioned near or inside the device: computer, ATM, vault, smartphone, etc.
Today most computers, laptops in particular but also smartphones, are fitted with web cameras. Replacing these cameras tomorrow with models that can also perform iris recognition should be easy. As for ATMs and the like, systems already exist and are operational but have not yet been globally implemented. One wonders why it is taking so long!
British-Jordanian company Irisguard has been the undisputed pioneer and leader in the field of iris recognition technology in so far, with huge success stories in homeland security and banking applications.
I have a dream. I have at last discarded all the passwords and pin codes I was keeping; and all my keys too. All I have to do now is to look at a small, friendly camera to open files, to withdraw cash at ATM, to shop online, to start my car, to enter my houseة .
