What is the future of passwords on the Internet?

Taus Noor
48 replies
Where do you see passwords in the future? Do you think passwords will always be around? Or are we headed to a fully passwordless Internet/world? Bonus question: what kind of biometric auth do you feel most comfortable with? Full disclosure: I'm working on a product related to passwordless auth.

Replies

Founder @ Front Figure
I don't know what other options are available, maybe fingerprint? I have no idea. From my end, I hate passwords, I always forget them. The question is will your product be working on all websites that need passwords?
Share
CEO at Gaze / Forbes 30 Under 30
@tdajani That is the idea, yes. We are just launching our Beta soon on PH -- and it works on more or less any device (with or without biometric sensors). Excited to share more soon.
Share
Working to make facial reocgnition safer
@tdajani This sounds like a great proposition!
Share
Founder @ Front Figure
@gazeattaus Good to know. I'll definitely check it out when you do.
Founder @ Front Figure
@asif_hassan I am guessing you were talking to Taus :) . Thanks anyway from the both of us.
Co-Founder at SeoChecklist and Screpy
@tdajani Maybe 1Paswords or Lastpass take over the world.
Live Draw HK
Is it possible to make all websites use Retina sensor?
CEO at Gaze / Forbes 30 Under 30
@livedrawhksgp Not sure about retina alone - but definitely possible to have all websites use some form of biometrics
Entrepreneur Marketer
Fignerprint sensor is a very good example, I have been using it on MacBook Air and its very good
Share
made in Peru
I will quite likely stick to using passwords for the rest of my life. I do not trust anything biometric for two reasons: It is something you cannot share in an emergency (e.g. Sister! Someone just stole my mobile! Please, log into my account and change the password!); and it is something that may be used as a motivation to keep you close. For example, if you are ever unlucky enough to be kidnapped, and all you passcodes are biometric, they will not release you until you have unlocked for them everything they want.
Share
Project Management Specialist
@simplytedel definitely agree with the first point, the second is more nuanced and there's a whole debate to be had about it
CEO at Gaze / Forbes 30 Under 30
@simplytedel Sharing in an emergency is a very interesting point. However, if you use biometric as your password -- stealing your phone should not give anyone access to anything really, right? Since they'd still you to actually log in or do anything?
Share
Chef
Good question! I think in the immediate future it might be Fast or something like it. But in the long term I could see face ID being widely adopted, every laptop and phone has a front facing camera so it makes sense and wouldn't be surprised if thats the route Apple push with Face ID. A face ID SDK would be awesome.
Share
Chef
Furthermore to this I think Fast started the conversation on this but I believe passwords in the long run will take a dramatic pivot from where Fast is right now.
Share
CEO at Gaze / Forbes 30 Under 30
@aaronoleary Apple/other large companies actually rarely use front camera for face ID -- in fact that's something my team and I working on. Liveness detection using a regular front camera is still a difficult problem (esp if you want a good UX). Apple did patent Face ID for laptops though -- so we can expect to see the same Face ID sensors from an iPhone on the MacBook at some point.
Share
Project Management Specialist
Passwords are a good memory exercise. Biometrics can be uncomfortable, and ID photos you obviously only trust to very few institutions.
Share
Product Manager @GitGuardian & Developer
It would be interesting to think about a decentralized identity. Each user is the sole manager of his identity, which is logical! With a decentralized identity, the user could connect to any service that recognizes / validates this type of identification. With a decentralized identity, we can go further than the future of the password
Share
CEO at Gaze / Forbes 30 Under 30
@vincent__off Would love to learn more about this. Would you be willing to connect over a call to discuss this?
Share
Founder and CEO of Somizu
Ready to check out as soon as your product launches. And talking about the future of passwords, obviously the world will be a passwordless world where people don't have to remember different passwords. Setting up passwords is honestly one of the most irritating things when it comes to signing up on different websites etc.
Share
CEO at Gaze / Forbes 30 Under 30
@senuka_rathnayake That is precisely our frustration. If you subscribe to our upcoming page on PH, we can definitely provide you with early access. We are working out a sweet deal for early subscribers too--which should also be announced soon. Here's the link: https://gaze.ai/ph Our mission is to eliminate irritating passwords.
Share
I think it will be a two step authentication retina/face and password validation on the mobile or other device with the fingerprint
Share
CEO at Gaze / Forbes 30 Under 30
@adrian_pradilla_portoles Do you think this will be the norm across all services we use or just specifically stuff that are more sensitive (like payments, etc.)? Having to enter a password and biometric could be inconvenient for users, so would love to learn more about your thoughts on this.
Share
CEO & Co-founder of Verihubs
I personally think that fully passwordless internet will be the next big thing on the internet, especially when you use AI (face recognition) to authenticate users. The biggest challenge is how you create a friendly and seamless user interface to entice users to use your solution.
Share
CEO at Gaze / Forbes 30 Under 30
@firnando13 Yes, that is definitely the challenge. We're working on a few different ways of doing it. Also inspired by our friends at Cotter @kevinchandra (https://cotter.app) who are doing very interesting work on passwordless auth. You should def check them out (and also our solution when it launches on PH haha).
Share
Enterprise & consumer product management
The decentralized identity market has certainly been busy. Gartner's 2020 Market Guide to User Authentication provides a good overview of the passwordless market and the major players. For a detailed description of the challenges and one leading vendor's take, try this report from HYPR: https://www.hypr.com/wp-content/... The big challenge for new entrants is how to break down the walls of the enterprise solution providers access and authentication stacks and not be relegated to point solutions status.
Share
PM, Developer and Founder @ PrepxUs
No password, Everything about us is being tracked already, so realtime profiles of us will determine who is accessing the website.
Serial Entrepreneur
Cool. Password less, biometric less, lots of places to go. I'm working on a product in this space too. Good luck!
Share
CEO at Gaze / Forbes 30 Under 30
@madsschmidtpetersen Oh wow would love to learn more. Would you be open to a call at some point?
Share
exCPO/Head Growth @FabFitFun
As soon as we have a legal and regulatory framework that's not demanding for startups to follow and transparency with this process, I'm okay with any biometric authentication, as long as everyone follows the same rules. Such rules can be such as, 1) only hashes of the biometric data can be captured at any time so that we cannot ever have 'stolen' biometric data, 2) the hashing method itself much be random 3) to prove this, after a company reaches a specific size (10 million rev or 10,000 users), they must submit to random sampling inspections of their database and the codebase that pertains to the bio-authentication scheme. 4) the authentication systems themselves, whether fingerprint, palm, or retina, facial, cannot at a hardware-level capture the full features but only partials. This would be similar to PCI complliance.
Share
CEO at Gaze / Forbes 30 Under 30
@davidoh This is awesome. FIDO might be trying to do something along these lines, not quite sure. You should definitely check them out!
Share
Founder, Re:Schedule
@davidoh Most biometrics only capture partial features and store a "biometric hash". Even access to the hash is often protected by using a secure chip. Databases of biometrics are a no-no. They are a single point of attack and a very valuable target. Instead, biometrics are better stored on the client device (like a smartphone). This is a (much harder) distributed target. This is how FIDO works.
exCPO/Head Growth @FabFitFun
@girish_w I know what the ideal is. That’s why I use my iPhone regularly with no doubts. I was talking about the api based system mentioned here. If biometrics are going to be used by everyone, it stands to reason many engineers will make the same mistakes again. Like at Facebook, when they stored passwords in plain text. And what seems to actually be the case with the majority of successful services we use, according to 1Password and password checkup on chrome. What was your point?
Passwords will soon be a matter of history
Share
CEO at Gaze / Forbes 30 Under 30
@suvigya__ We sure hope so!
Share
https://berdoa.co.id/
Aku berdoa semoga proyek kamu berjalan lancar
Cofounder and CEO, eWebinar
I look forward to a passwordless internet world. Not remembering my passwords (given the number of different requirements companies require) and not being able to figure out password managers is the reason why I haven't moved to a new computer for the past 2 years. Nothing more frustrating than being locked out of an account because you can't remember the answer to your own secret question from high school, then being on hold for an hour so customer service to reset it. It's also the reason why I hate switching to new phones. I would love to see facial recognition work with all logins, not just phone apps. Whatever you're doing, please hurry.
Share
CEO at Gaze / Forbes 30 Under 30
@melissa_kwan I know, right? We actually enable passwordless re-authentication on new device as well. We're providing our service as an API for developers, however -- so not targeted to consumers directly yet. Do subscribe to our upcoming page if you're interested: https://gaze.ai/ph
Share
When I research the identity part. I found that the most challenge is not security, but the economy around it. The authentication mechanism these days requires a lot of infrastructure. You need an internet connection (minimum is 1 USD of internet/month), a device that is not considered deprecated by the standard (ex. you can't even use the app if your android does not at least version 6), a common sense of a user (ex. aging people do not know how to use IT, younger people doesn't care enough about it). With only these factors, it already prevents more than half of people in the world to use the service.
Share
CEO at Gaze / Forbes 30 Under 30
@anugoon_leelaphattarakij This is an interesting point -- how do you think we can solve that?
Building @getchatout 🥷
Ironic how the future of passwords might be "password-less".
Share
Tech Enthusiast
What is the probability of false prediction if every internet user in the globe use GazePass? What is the accuracy of Liveness detection? If I manage my webcam to input the recorded video of someone's account I want to hack how your system would act? Can I use this service in online payment service! If it authenticate a wrong user by any mistake who will take the responsibility? These questions resides around my mind when back then I used to think of this kind of service in action. Also it seems a vertical problem, so why big tech giants are not incorporating it in their services?
Share
CEO at Gaze / Forbes 30 Under 30
@mushahid2521 Great question. We actually won't let you log in to someone else's account from your device just using face recognition -- so even if you get a webcam recording, it won't help. Email OTP verification is needed alongside face recognition to access someone's gazepass account on a new/different device. As for the rest -- subscribe and stay tuned! https://gaze.ai/ph