That’s the prediction (and hope) among security experts who are racing to replace the is-it-really-you test, which dates to the early 1960s. Since then, passwords have become an omnipresent nuisance for both users and security officers—perpetually forgotten and inevitably stolen, as evidenced this week by the news that a Russian gang has amassed a trove of more than one billion login credentials. (Read: More than a billion online accounts breached by Russian gang.)

[img]http://ei.marketwatch.com/Multimedia/2014/04/23/Photos/MG/MW-CA546_hacker_20140423142212_MG.jpg?uuid=41406108-cb14-11e3-bb0c-00212803fad6[/img]

Two out of every three data breaches involve the exploitation of weak or stolen passwords, according to Verizon’s 2014 Data Breach Investigations Report. And making them stronger isn’t much help.

The more requirements websites add for passwords—to reach a minimum number of characters using uppercases, lowercases, and special characters, to avoid strings similar to previous passwords, to do a handstand while typing it in—the more likely people are to reuse passwords across accounts or create weak ones, researchers say. A 2012 study found that almost one-third of people have more than 10 unique passwords, and 38% of people would rather scrub toilets than try to come up with new ones.

The tech industry is brimming with companies touting products to block impostors in a post-password age—all aiming to cash in on cybercrime, a problem with an estimated global cost of up to $445 billion, according to Internet security firm McAfee. Among the options: software that, invisible to the user, tracks contextual factors like time and location, and how users type, wiggle their mouses and swipe screens; and biometric scanners for faces, eyes, voices, veins and even heartbeats, often in combination with a designated mobile device.

Click to Play
Russian hackers steal 1.2 billion usernames, passwords
A gang of Russian hackers have stolen an enormous trove or usernames and passwords, according to cybersecurity firm Hold Security. Here’s what this means for Internet users.

A working group to create password-alternatives, called the FIDO Alliance, released a draft of new standards for online authentication in February and plans to issue the final version by the end of the year. Its members include Google GOOG +0.96% , Bank of America BAC +0.53% , MasterCard MA +1.50% , Samsung KR:005930 -3.10% and PayPal.

By 2015, a large portion of Internet users will say goodbye to the old-school username and password in favor of methods such as biometrics and one-time secure keys, especially after the big players in the group begin to adopt the new standards, says FIDO Alliance president and co-founder Michael Barrett.

“Passwords…made absolutely fabulous sense back in the ‘60s. They make no sense now,” Barrett, who previously worked as chief information security officer at PayPal, says.

Privacy advocates say part of the reason passwords are considered a pain—that they sometimes need to be changed—is also an advantage: If an intruder learns the code, you can write a new one. Your heartbeat and fingerprint, however, remain the same.

But what makes passwords such an easy and prime target for cybercriminals is scalability. One cyber heist can yield thousands or even millions of account credentials, depending on the target. For a crook, biometrics produce far more barriers to entry. A thief could likely be forced to mold fingerprint replicas on an individual basis, or attempt to record someone’s heart activity without being noticed.

Attacks against biometric security and other password alternatives “require physical access to us or our devices, and those don’t scale,” Barrett says. “How many people can I attack in a day? Two or three? From a bad guy perspective, it’s just not very interesting.”

For some companies, passwords are already so yesterday.

“We’ve eliminated usernames and passwords,” says Jonathan Klein, president of the Virginia-based software company MicroStrategy MSTR -0.03% , which designed an app called Usher. Usher checks who you are through options including voice and facial scans, verifying the device itself and tracking its location so people can only log into sensitive systems from specific locations or within boundaries, or for a limited time. The app then reveals a QR code that users scan at their workstation or on a website, and a code to authorize transactions over the phone.

Source-http://www.marketwatch.com/story/in-2015-it-wont-matter-if-hackers-steal-your-password-2014-08-08

Lengthy..... Whew
But anyways its an awesome move...... If successful

RAFIC: Lengthy..... Whew
But anyways its an awesome move...... If successful

yes....certainly it will

how will that happen
[img]http://www.?aff=391[/img]

Seriously?

So if i want to access Facebook or my Bank Internet Banking platform i would need Biometrics? What if i am on my Mobile Phone? How many computers have Bio Support?

Its going to be hard...

coolsix:

Seriously?

So if i want to access Facebook or my Bank Internet Banking platform i would need Biometrics? What if i am on my Mobile Phone? How many computers have Bio Support?

Its going to be hard...

With technology, all things are possible my brother