Device Authentication Could Make Passwords Obsolete

Paul Lilly

Perhaps one day you won't need a password to log into your accounts

Everyone knows you're not supposed to use the same password for multiple websites and services. If you follow that advice right down to the letter, then you're juggling numerous passwords, depending on how many banking sites, forums, auction portals, and everything else you're signed up for. It's a pain, and perhaps an unnecessary one -- device-based authentication could render passwords a thing of the past .

At least that's what Christopher Mims over at The Wall Street Journal believes. In fact, he's so confident about the irrelevance of passwords that he shared the one he setup for his Twitter account. It isn't a dummy account, either, but an active Twitter account that he's been using to post more than 51,000 tweets since 2007. His password is simply "christophermims."

He's willing to give it away because he uses a device-based authentication method that requires not only a password, but verification on his iPhone.

"If you want to sample the early version of a post-password future, all you have to do is switch on a common security feature of every major Web service. It's available across all the web giants, including every account offered by Google, Yahoo, Microsoft, Facebook, Twitter, and dozens of others, and yet surveys suggest more than half the public hasn't heard of it. It's called two-factor authentication," Mims explains .

It's not unlike an ATM, in which the first factor is your PIN (or password), and the second is your debit card, a physical thing that you keep in your wallet or purse. Without it, the PIN is useless, and so are passwords without a physical device in a two-factor authentication scheme, Mims argues.

What's your take on all this? Do you think device-based authentication will render standalone passwords obsolete? Give Mims' article a read and sound off!

Follow Paul on Google+ , Twitter , and Facebook

Around the web