Passwords suck! There, I said it. We've all heard it said many times before, but it’s worth repeating. The concept of gate-keeping access to digital services with a username and password may have been appropriate, and even good practice, in the early days of computing when a person might only have one or two logins to maintain. However, in today’s world where people have hundreds of accounts, they tend to re-use one password for multiple accounts or outsource the job to a password manager service. And even if you do manage to create a complex and unique password for each account, and remember it at the time of login, there is still the problem of data breaches, which are becoming all too common. 

To better understand the problem, let’s break down what a password is: it’s “something you know”, but because it’s a shared secret that gets used multiple times, it’s more specifically called a static knowledge-based authentication credential.

There are two other main authentication categories: possession (something you have) and inherence (something you are).


All authentication is based on the premise that when you can claim an identity, by providing a username, and back up that claim with at least one type of authentication, you should be granted access. So, if we want a viable passwordless future, we need to leverage other forms of authentication.

The good news is that there are other ways we can achieve this, several of which are already commonplace. A great example is how we almost never unlock smartphones using the device PIN, but gain access using biometrics – originally with fingerprint technology and more recently with facial recognition.

The example shows that it’s possible to swap one type of authentication for another to improve security and user experience. However, we can also combine multiple authentication types – one of which, ideally, should be communicated through an out-of-band channel – for even greater security. 



The practice of combining two or more factors is called two-factor or multi-factor authentication. The premise here is that if I can prove I have more than one of the devices or channels linked to an identity, it further increases the strength of my authentication claim. 

The login experience that many of us have already incorporated into the way we use our smartphones should be replicated across more use cases, and we are seeing this start to happen as many industry leaders align themselves with an international standard called FIDO (Fast IDentity Online). This standard aims to make passwords obsolete by replacing them with possession and biometric factors. It also uses encryption technology to ensure that your credentials cannot be stolen.
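A simplified sketch of the challenge-response idea behind a FIDO-style login, as an added example that is not from the original post or from the FIDO specifications. The function names, the `https://bank.example` origin and the message layout are assumptions; real FIDO messages carry more fields.

```javascript
// Added illustration: simplified FIDO-style login, not the real WebAuthn format.
const crypto = require('node:crypto');

// Registration: the device makes a key pair; only the public key leaves it.
function register() {
  const { publicKey, privateKey } = crypto.generateKeyPairSync('ec', { namedCurve: 'P-256' });
  return { device: { privateKey }, serverRecord: { publicKey } };
}

// Server: issue a fresh random challenge and remember it until it is used.
function newChallenge(server) {
  const challenge = crypto.randomBytes(32);
  server.pending.add(challenge.toString('hex'));
  return challenge;
}

// Device: sign only after the local biometric check passed (modelled as a flag).
// The origin the device is actually talking to is part of the signed data.
function signAssertion(device, challenge, origin, userVerified) {
  if (!userVerified) return null;
  const data = Buffer.concat([challenge, Buffer.from(origin)]);
  return crypto.sign('sha256', data, device.privateKey);
}

// Server: accept one signature per issued challenge, checked against its own origin.
function verifyAssertion(server, challenge, signature) {
  if (!server.pending.delete(challenge.toString('hex'))) return false;
  if (!signature) return false;
  const data = Buffer.concat([challenge, Buffer.from(server.origin)]);
  return crypto.verify('sha256', data, server.publicKey, signature);
}

// Constructed scenario: one good login, then four attempts that must fail.
function demo() {
  const { device, serverRecord } = register();
  const server = { ...serverRecord, origin: 'https://bank.example', pending: new Set() };
  const c1 = newChallenge(server);
  const sig = signAssertion(device, c1, server.origin, true);
  const firstLogin = verifyAssertion(server, c1, sig);
  const sameChallengeAgain = verifyAssertion(server, c1, sig);
  const oldSignatureNewChallenge = verifyAssertion(server, newChallenge(server), sig);
  const c3 = newChallenge(server);
  const wrongOrigin = verifyAssertion(server, c3,
    signAssertion(device, c3, 'https://bank-login.example', true));
  const c4 = newChallenge(server);
  const noBiometric = verifyAssertion(server, c4, signAssertion(device, c4, server.origin, false));
  return { firstLogin, sameChallengeAgain, oldSignatureNewChallenge, wrongOrigin, noBiometric };
}
console.log(demo());
```

Only the first attempt succeeds. The server record holds nothing but a public key, so a copy of it cannot be used to log in the way a leaked password can.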

With several tech giants – Google, Apple and Microsoft to name a few – now supporting this standard, it may well be the solution that finally allows us to remove passwords from our lives for good.


Want to know more about biometric authentication? Read our blog posts “The rise of biometrics in banking: the death of the password” and “Behavioral biometrics: overcoming the password problem”.

Simon Armstrong

VP: product

Simon’s been described by a former employer as one of a breed of “creative technologists,” a label we wish we had coined on his behalf. Having worked mostly at small to medium-sized agencies and product development firms in South Africa, Europe, and Asia, he combines a passion for customer-first excellence with a genuine commitment to the team. His communication skills and calm approach to problem solving help Entersekt “be better” every day.
