The Australian Cyber Security Centre (ACSC) estimates the cost of cybercrimes for Australian businesses and individuals was AU$33 billion in 2021. On an individual level, it is estimated that 39% of Australians have had their passwords compromised in the last 5 years.
Amazingly the top 5 most commonly used passwords in the world in 2023 are:
123456, 123456789, Qwerty, Password, 12345.
Other favourites include“iloveyou” or expressions of affection combined with numbers, such as “iloveyou123”.
Unsurprisingly some researchers believe that all passwords can be eliminated over the next five years.
The passwordless revolution is the product of a technological tipping point.
FIDO2/WebAuthn: FIDO2 (Fast Identity Online) and WebAuthn (Web Authentication) are open standards developed to provide secure and passwordless authentication. They leverage public-key cryptography and allow users to authenticate using biometrics, security keys, or other trusted devices.
But passwordless implementations go even beyond that.
Users around the globe have become accustomed to using One-time passwords, face, touch, or voice recognition, but applications could soon be based on spatial identifiers.
This approach analyzes user behaviour patterns, such as typing speed, mouse movements, signature dynamics and other characteristics, to create a unique user profile. By comparing current behaviour to the profile, the system can verify the user’s identity, completely eliminating the need to use passwords for logins.
Behaviour-based password technologies provide an additional layer of security by leveraging unique behavioural patterns that are difficult for attackers to replicate. They offer the advantage of being transparent to users, as the authentication process occurs naturally based on their behaviour.
Whilst this technology is not 100% foolproof, the pace at which it is developing is impressive.
What does the future hold?
As AI and machine learning continue to advance, their ability to draw conclusions, learn from, and take intelligent action based on real-time data inputs will also grow.
In the years to come, these advancements will drive even greater predictive and adaptive capabilities for behavioural biometrics technologies.
Hopefully, the qwerty password users will follow….