Skip main navigation

Alternatives to Password Authentication

This video, Zanidd will introduce alternatives to password authentication, such as multi-factor authentication, biometrics, Windows Hello, and mTAN.
Hello, world. I’m Zanidd, and welcome to the Hands-on Password Cracking and Security course on Code Red. In this section, we’re covering the downsides of passwords. And at the end, which is this lesson now, we will take a brief look at alternatives to passwords. So as mentioned before, we’ll take a look at alternatives to passwords in this lesson. Most of the alternatives that users will accept are not really alternatives but rather additions like MFA, multi-factor authentication, or mTANs. But some real alternatives exists, like using biometrics, like Windows Hello or Face Unlockers. Or another alternative is to use something different, like certificates and encryption keys, or PKI keys.
MFA and mTANs are not really an alternative, but it’s easy to set up since all you need most of the time is just a phone. Now the use of biometrics instead of passwords has quickly risen in popularity. Almost any new phone now supports some sort of iris, fingerprint, or face scan to log in. But on phones, there is usually still an option to use a password in case the login via biometrics is not successful, like when your hand is wet or when your hand isn’t actually one of the owner of the phone, which makes the use of biometrics questionable in terms of security. In terms of usability, it’s great.
If that technology advances far enough, this could really be the future and we could completely ditch passwords for the most part. Certificates and keys are by far my favourite alternative to passwords. They’re based on math and cryptography and cannot be cracked or broken like passwords, for the most part. I prefer to use SSHGs to connect to machines over the SSH protocol instead of the typical password login. The problem is that you kind of have to handle the case usually yourself and it’s a bit finicky if you’re not accustomed to it. And it’s not exactly what you refer to as user friendly. And Certificates are used in websites that use the HTTPS protocol.
And the problem there is that you have to build a chain of trust, which has to start somewhere. Usually your browser comes with a set of pre-installed routes that you automatically trust, but do you really trust them? And I think that’s a whole other topic for maybe in another course, so I’ll leave the question to you. Now in conclusion, from what we’ve seen, we’re bound to stick with passwords for a while. Everybody knows how to use them, although most of them use them wrong because they use weak and common passwords. But the user is accustomed to this login screen with username and password and changing that can be a kind of hassle.
So the most feasible option of all seems to be something like MFA, where we still use a password, but the user has to provide an additional factor like biometrics, or codes, or has to authenticate with an additional app like with Google authenticate. That’s all for the downsides of the passwords. In the next section, we will cover how to prevent the attacks learned in this course. We will also take a look at password managers.

This video will introduce alternatives to password authentication.

Alternatives include the following:

  • multi-factor authentication
  • biometrics
  • Windows Hello
  • mTAN
  • certificates

You will learn about the advantages and disadvantages of these alternatives.

This article is from the free online

Advanced Cyber Security Training: Hands-On Password Attacks

Created by
FutureLearn - Learning For Life

Our purpose is to transform access to education.

We offer a diverse selection of courses from leading universities and cultural institutions from around the world. These are delivered one step at a time, and are accessible on mobile, tablet and desktop, so you can fit learning around your life.

We believe learning should be an enjoyable, social experience, so our courses offer the opportunity to discuss what you’re learning with others as you go, helping you make fresh discoveries and form new ideas.
You can unlock new opportunities with unlimited access to hundreds of online short courses for a year by subscribing to our Unlimited package. Build your knowledge with top universities and organisations.

Learn more about how FutureLearn is transforming access to education