We are currently living in a time when big firms like Netflix are trying to put a lid on password sharing and on the other hand traditional username and password may be losing importance as alternatives like identity based authentication are getting more attention. At such a time what is the importance of traditional passwords and how are they evolving to a more secure form of authentication.
To better explain the relevance of traditional username and passwords and the future of authentication we spoke to Siddharth Gandhi, COO Asia Pacific, 1Kosmos. Siddharth has over 18 years of experience spanning multiple industries, including Information Technology, Retail, Investment Management, and Banking. As the COO at 1Kosmos, he oversees the APAC business, leveraging the demographic opportunity in the region.
while talking about the importance and relevance of passwords Gandhi said, “While passwords have been a foundational element of cybersecurity, their importance is diminishing due to their inherent vulnerabilities. Many organizations are looking to reduce their reliance on passwords and adopt more secure authentication methods.”
Here is a glimpse of what more he had to add on the evolution of authentication from passwords to passwordless alternatives.
Siddharth Gandhi, COO Asia Pacific, 1Kosmos |
Is it the consensus among cybersecurity experts that passwords, the traditional means of online protection, are facing an uncertain future?
A growing number of cybersecurity experts acknowledge the vulnerabilities associated with passwords. If you look at what has been happening in the last few years with the rise of ransomware attacks and data breaches has prompted a shift toward exploring more robust authentication methods like identity based authentication.
Do these recent trends and developments in passwordless technologies indicate that passwords may no longer be viable competitors and are on the decline?
Passwords are indeed facing challenges in today’s digital landscape. Many organizations are recognizing the limitations of traditional username and password authentication methods and are seeking more secure alternatives, such as identity based authentication.
What are the main drawbacks of the traditional username and password authentication method?
The traditional username and password method is vulnerable to various forms of cyberattacks, including phishing, credential stuffing, and brute force attacks. Passwords are often weak, reused across multiple accounts, and can be easily compromised, leading to security breaches. With basic tools available in the dark web, it is relatively easy to crack 8-10 character passwords. While enterprises are undertaking increasing the complexity of passwords to 12 or in some cases 16 characters but compromises significantly on user experience. It just makes the whole experience for a user frustrating, I would say a major drawback.
Why is passwordless authentication favored for organizations like banks, governments, and enterprises, which deal with sensitive data and prioritize its security?
Identity based passwordless authentication offers enhanced security and user convenience, making it particularly attractive to organizations that handle sensitive data. It eliminates the risk of credential theft and unauthorized access, which are critical concerns for entities like banks and government agencies.
What are the compliance and regulatory considerations organizations need to address when implementing passwordless authentication, especially in industries with strict data protection requirements?
Implementing passwordless authentication may require adherence to industry-specific regulations like GDPR, CCPA, or financial services regulations. Organizations must ensure that their chosen passwordless solution complies with these regulations, especially when handling sensitive customer data.
Could you elaborate on 1Kosmos's approach to passwordless authentication and its potential impact on organizations?
1Kosmos's approach to passwordless authentication involves combining strong identity verification and authentication in a privacy by design framework. This approach enhances security and offers users a convenient and secure authentication experience. It has the potential to significantly impact organizations by improving security and compliance.
What is 1Kosmos's vision for the future of authentication and cybersecurity, and how does it plan to contribute to this evolving landscape?
1Kosmos envisions a future where authentication is more secure, convenient, and privacy-focused. The company plans to contribute to this landscape by offering innovative solutions that exceed industry standards, such as FIDO, NIST, and iBeta, and by empowering users to have full control over their digital identities.