The initiative has sparked a debate that questions the future of usernames and passwords
The Petition Against Passwords is a public advocacy campaign promoting ‘password-less’ alternatives to hack-prone usernames and passwords. Organisers state that the new campaign is gaining momentum with technology companies, legislators and the press.
Formally launched on 24 July, the Petition quickly gained national media attention, receiving coverage from leading media outlets including the LA Times, CSO Online, Dark Reading, CBS MarketWatch, Upstart Business Journal and BBC Radio 4.
Already supported by companies in Silicon Valley and the US, the launch of the Petition quickly gained the attention of companies from across the globe, among them NuData Security, Authenticade (CryoKey), Sensible Vision (FastAccess Anywhere), UK-based Winfrasoft and others.
Passwords: an enabler for fraud?
“Fraudsters and hackers see passwords as an enabler to fraud – they’re easy to guess, break and bypass and are reused by users across multiple sites,” stated Michel Giasson, CEO at NuData Security. “The inherent weakness of passwords is what has caused the prolific increase in account takeover fraud, which is a form of identity theft.”
Chris Ho – co-founder of Authenticade – commented: “You may tolerate passwords now, but once you start using the next generation of authentication alternatives, you’ll wonder how you ever put up with passwords in the first place.”
George Brostoff is the CEO of Sensible Vision. He added: “Single factor security is no longer sufficient for most applications. All security methods have strengths and weaknesses. As weaknesses become more well known, the best way to address them is with a second, complimentary logon technique. The key, however, is to add additional factors while maintaining a high degree of convenience. Two factor techniques that are burdensome or difficult to use can actually be less secure in real-life practice than either individual technique would be alone.”
Another commentator on this subject is Steven Hope, the CEO of Winfrasoft. “The password is one of many authentication dinosaurs that we need to confine to the history books,” he said. “They are costly to administer, people don’t want to use them and, crucially, they’re not secure.”
As the Petition Against Passwords continues to gain momentum, Petition organisers have offered an open challenge to find the first large-scale consumer site willing to offer a password-less login alternative once the Petition reaches more than 100,000 signatures.
“First, we would like to applaud all of the innovative identity companies participating in the Petition Against Passwords initiative,” explained Brennen Byrne, CEO of Clef (the company that organised the Petition Against Passwords).
“Now, we’d like to see other companies participate. Any site that uses passwords today can promote their own brand through the Petition by setting a signature threshold and pledging to make a change if the threshold is reached. We can only solve this problem by working together, and we want to help promote companies who are offering password-less logins to their customers.”
About the Petition Against Passwords
The Petition Against Passwords is a public initiative designed to help consumers voice their desire for more convenient and secure ‘password-less’ identity protection.
The Petition sheds light on the need for a significant one-authentication registration overhaul in the continued wake of large-scale data breaches impacting millions of consumers.
The Petition brings together organisations from technology, research, consumer advocacy and public policy to advocate for the implementation of password-less technologies to replace hack prone one-factor authentication.
To learn more about the Petition Against Passwords visit http://www.petitionagainstpasswords.com