Skip to content
City PM
  • Germany
  • France
  • Europe
  • Markets
  • Business
  • Opinion
  • Germany
  • France
  • Europe
  • Markets
  • Business
  • Opinion
Monday 19 August 2019 5:39 pm

How useful are passwords for keeping our data secure?

By: Duncan Brown

Add as a preferred source on Google

Every year, new research and new articles appear telling us that the most popular passwords are still things like “password1” and “qwerty123”. 

This “big” reveal is then followed up by a lecture on the importance of protecting yourself online. But we’ve been using passwords as digital identification tools for as long as we’ve had technology, and even longer in the offline world, so knowing the basics of password security should now feel as natural as putting on a seatbelt when driving. We should all know what makes for a secure password and how to maintain safe cyber-hygiene habits. 

However, to be frank, passwords are inherently insecure. Digital identification and verification is critical, but a simple password is no longer enough to protect valuable business data and intellectual property. They conflict with human instinct, as people are incapable of remembering long or complex passwords. They can be guessed, or attacked with brute force, and they can be accessed at scale as they are always stored online somewhere. 

Security and business leaders are well aware that credential theft is gold dust to a cybercriminal, and for many years the cyber security industry has been developing ever more complex systems to protect individuals’ identities. Whole industries have grown up around two-factor authentication, fingerprint or iris identification, designed to protect a person’s identity.

However, the cyber security industry remains a trillion-dollar failure, as cybercriminals develop attack methodologies faster than cyber security vendors can outpace them. 

In recent years, even biometric authentication has begun to unravel. For example, facial recognition has gone mainstream thanks to Apple’s release of its iPhone X, which uses a flood illuminator, an infrared camera, and a dot projector to measure faces in 3D – a method they claim cannot be fooled by photos, videos, or any other kind of 2D medium. But the reality is that facial recognition has serious vulnerabilities and has actually already been successfully attacked by security researchers. We predict that this will be the year that hackers will steal the public’s faces.

Having a strong password does help with protection to some degree, but it’s a simple door. Other methodologies add locks and chains – but a heavily protected door simply means criminals look around to find a separate, easier entrance. 

A major shift in perspective is needed. Both cyber security vendors and businesses alike need to place far bigger emphasis on understanding the ways that people and data interact: in short, taking a human-centric approach. Rather than adding extra bolts and locks, such as by making passwords more complex (and more likely to be forgotten), we should put humans and their behavior at the centre of security programmes. 

People can’t forget or lose their behavior. It’s intrinsic to who they are and can’t be imitated. Additionally, the one thing a cybercriminal can’t fake is genuine user behaviour. If a criminal tries to impersonate a genuine employee, all that the criminal will end up doing is a good day’s work. 

The second a criminal tries to extract data from a hacked account, a behaviour-centric security programme will spot the anomaly and alert the security team who can act immediately to stop the data breach.

Are passwords important? Sure, they’re an added layer of protection. Do we need to keep singing their praises? As far as I’m concerned, there are far better uses of everyone’s time.

Image credit: photo by Adrian Bretscher/Getty Images for Kaspersky Lab.

Read more

Yubico Joins European Cyber Security Organisation (ECSO)

Share this article

  • Facebook
  • X
  • LinkedIn
  • WhatsApp
  • Email

Similarly tagged content:

Sections

  • News
  • Opinion

Categories

  • Opinion
  • Tech

Related Topics

  • Cybercrime

Trending Articles

  • Top Burnham adviser calls for capital gains and inheritance tax hikes

  • Housebuilding giants hit with £4.5bn lawsuit for allegedly overcharging buyers

  • Brewdog chief executive quits after only one year

  • A meeting with the breakfast king of Mayfair

  • As it happened: Stocks jump on defence and metals boost; Oil on track to shed a fifth on US-Iran peace hopes

More from City PM

  • Yubico Joins European Cyber Security Organisation (ECSO)

    Business Wire
  • Controlling the sprawl of shadow AI

    Partner
    UK initiative to manage AI expansion, showcasing technology control measures in urban settings
  • Interactive Brokers Expands AI Integration Capabilities – Adding ChatGPT and Grok to Its Growing Suite of Agentic Trading Tools

    Business Wire
  • Barclays and Lloyds join banking sector plan for digital ID

    Banking
    Banking app interface showing financial transactions and account balance on a smartphone screen, emphasizing digital finan...
  • AI data centre race reaches rural Devon as Xlinks eyes £3.6bn campus

    Tech
    Sir Keir Starmer's government has prioritised investment data centres as a major pillar of its plans to boost economic growth.
  • ICON selects Microsoft as a preferred technology partner to power AI-enabled clinical development

    Business Wire
  • City launches new Digital ID framework against AI fraud

    Tech
    The City PM Awards
  • FCA lays out ‘landmark’ crypto clampdown

    Crypto
    IG has pursued a new deal in its bid to beef up its crypto capabilities

City PM — European politics, business and analysis.

Europe

  • Germany
  • France
  • Europe
  • UK & Ireland

Topics

  • Business
  • Markets
  • AI
  • Technology
  • Opinion
  • Energy

More

  • Politics
  • Economics
  • Fintech
  • Legal
  • Sport
  • Life

Company

  • About City PM
  • Editorial Policy
  • Corrections
  • Contact
  • Terms of Use
  • Privacy Policy
  • Cookie Policy
© 2026 City PM · Published by CityPM Media, Bahnhofstrasse 65, 8001 Zürich, Switzerland
About · Editorial Policy · Corrections · Contact · Privacy