We humans by nature want security and authentication in
everything. Then why is it that since the development of technology we are not
using secure methods to protect our sensitive data? Why are we still using
unsafe practices and not doing anything to prevent them?
There are still unsecured technologies that might lead to
hacking, data breaching, and malware. Therefore, we should always try to be
careful and prevent our systems from all such sorts of perils of the internet.
One of the dangers that might occur with technologies is password-based
authentication is that technology in which our devices or personal account
are password protected. That means that there is a code whether numbers or
alphabets or even symbols that protects our whole system. This is a good way of
protection, but not the best. There may be some other ways by which your system
will remain more secure than it is now.
Hence I would either suggest some other methods of
protection or apply some preventions with password-based authentication. This article briefly discusses the problems
with password-based authentication, the preventions as well the alternative recommendations
that we should try instead of passwords.
- 1 Why is password-based authentication not secured?
- 2 Preventions
- 3 Alternative to passwords
- 4 Conclusion
Why is password-based authentication not secured?
There are many reasons due to which we can conclude that
password-based authentication is not safe for users. Some of these threats that
are due to password-based authentication are discussed as follows:
- Users may apply weak passwords
- Passwords are forgotten
- Can be hacked
- Users noting down passwords
- Cracked easily
- Can be changed
- Identical passwords
- Depends on human errors
1. Users may apply weak passwords
The most common problem that might occur in using
password-based authentication is that people often use weak passwords. That
means that their passwords are not secured enough. When passwords are weak,
they are vulnerable and visible to anyone who wants to damage our networks.
Hence it is very much unsafe to use a weak password. Users
may do this so that they can memorize their passwords easily, but there are
other ways to do so, and it is essential that users should not apply weak
passwords, especially when their system consists of sensitive or personal data
or your company data.
2. Passwords are forgotten
Another problem with password-based authentication that
happens very often, in fact, can occur with anyone is that the passwords are
not always easy to remember. They are often forgotten. This is not so confusing
to understand. We all forget things as our memory could not keep it all. And
therefore, we can also forget their passwords.
But the problem here is that if you forget your password,
then you might never be able to recover your previous account on specific
platforms. Other platforms provide an option of “forgot password” by which you
can enter some credentials for identification and then can change a new
password, but on some specific platforms is an option is not always applicable.
3. Can be hacked
The deadliest thing about passwords is that they can be
hacked easily. They do not require much work. That means that attackers can
easily penetrate our systems by hacking our passwords because password hacking
is an easy task for them.
In comparison with other security locks, such as biometric
which cannot be hacked that is your birth identity signs cannot be changed,
passwords are more unsafe when it comes to hacking. They are not something that
cannot be altered. They can be changed and hence is easy to hack.
4. Users noting down passwords
A common problem that is again due to users forgetting
passwords is them noting it down. That means people note down their passwords
in some place, maybe on their phone notes or perhaps in some diary, so they do
not forget their passwords.
It is a great peril as it is not safe to keep your passwords
in the open like this. If your phone is mugged or your diary gets in the hands
of someone, then all your passwords are with them, and your whole account’s
privacy comes in danger and becomes uncovered to anyone who has that source.
5. Cracked easily
As mentioned above as well that password-based
authentication is easy to hack, hence we can say that the attackers can easily break
them. They just have to do some encryption breaching here and there and boom,
they can find our passwords.
Hence we can say that passwords are not very much safe as
they are easily cracked by any professional. And this does not only mean
hackers but can be broken by anyone with a little IT experience. Last summer
only, my brother’s laptop’s password was cracked by another employee who sent
all his presentation to his own computer and took the credit for it. It was not
very difficult for him to crack the code.
6. Can be changed
A problem with passwords is that they can be changed if an
account is open on any device without even asking for some identification of
the person changing it. So if you have told your password to some friend or
relative, who later on becomes your enemy and decides to use your account, then
he can change the password and thus you are doomed.
That person can log in to your account and change the
password. Therefore, you will never know your new password yourself, and thus
your account can be said to be hacked. Or if you have left your account open on
this “friend’s” device, then he or she can change the password that way. Also,
they need to crack your old password which, as mentioned above, is not hard.
7. Identical passwords
Another problem with password protection is that people often
tend to keep the same passwords for every social media account. They use the
same password for Gmail, Facebook, Linkedin, Twitter, etc. This is a problem
because when they use the same password for every platform then if a hacker is
able to get his/her only password, they will get access to all their accounts.
So we can say that if someone uses the same password, for
the purpose of easy remembering, all their accounts are at risk at once. So
password protection has this another problem which makes it unsecured to use
8. Depends on human errors
In all the above points, and in fact, all the problems of
passwords, we can prominently see human errors, which means that passwords are
based entirely on human errors. That includes everything, i.e., the forgetting
of passwords, the use of weak passwords and also any other error that a human
Hence it is not the best option for security, because
something that totally depends on human errors is never safe. So we can say
that passwords are not secure for anyone as their own mistakes can make them
We have understood that there are many problems with a
password protected system. Now we must establish ways to prevent such threats.
Some of the ways to be precautious of such kind of risks are given as follows:
- Use robust but easy to remember passwords
- Download password managers
- Changing passwords regularly
- Using a different password
- Try to keep it secret
– Use strong but easy to remember passwords
The very first step to prevent the issues of password-based
authentication is by using a strong password but one that is easy to remember.
It should contain letters of uppercase and lowercase and numbers and symbols,
but still, something that you don’t forget.
– Download password managers
Another effective way by which you can prevent your password
protected systems from attacks is by downloading password managers. They keep
all your passwords safe and does not let anyone harm them. You also not have to
memorize every password by using them. Some of the best password managers are
– Changing password regularly
Password changing option is a problem as well as a solution.
If a hacker can change your password to hack your account, you yourself can
change your password to keep it safe. So it is important that you always change
your password after some time and not keep the same password for years.
– Using a different password
Another proper way by which you can secure your password in
a password-based authentication is by using different passwords for every
different password. That means that use a unique password for Gmail if you have
used another one for Facebook.
– Try to keep it secret
Last but not the least, try to keep your passwords a secret
from anyone. This does not happen much as people do not reveal their passwords
to everybody. Still, this happens that people tell their passwords to anyone
they think are trustworthy. Remember that you should never trust anyone on your
Alternative to passwords
Some other technologies can be used instead of a password as
we know that passwords are not safe enough. These technologies are:
- Facial recognition
- Voice recognition
Fingerprinting is a very effective way of keeping systems secure. They are better than passwords as they cannot be altered. That means that every person has their own fingerprints that remain the same always. Hence they cannot be hacked. Therefore they are recommended more than passwords. Now smartphones also have this option. This is still unsafe because if a person gets ahold of the ridges of your fingerprints, they can access your data or they can treat the person to put their finger on the machine.
2. Facial recognition
Another effective way which is better than passwords is facial recognition. That is because they note down a person’s facial features and recognize the person by face. And as a person’s facial features cannot change, hence they are a safe way than passwords. They are also present in smartphones now. This, however, is still a problem as people might change their face according to someone else nowadays or they can treat the person to show their face to the system.
3. Voice recognition
Lastly, we also have voice recognition. This is also better
than passwords as when you record your voice password in your systems; the
system will always give access when they hear your voice. This way it will
never recognize any other sound and thus will not open. They are also present in smartphones. This
too, however, is not safe as someone can again threat you to say in front of
the machine or can call some mimic artist because these people can mimic any
So now that we know all the vulnerabilities of
password-based authentication and we also know the preventions, we must try and
imply them in our lives to be safe. Also, we discussed some other technologies
that are more secure than passwords. Hence if possible we should use them as