Tech giants Google and Dashlane make headlines as they announce plans to phase out the use of passwords in their services.
In a significant move towards enhancing online security, Google and Dashlane, a leading password manager service, are spearheading an industry-wide effort to phase out the traditional use of passwords as an authentication method.
According to Dashlane officials, over 80% of breaches and hacks are due to stolen passwords. This alarming statistic has prompted the industry to seek alternative solutions, and passkeys are emerging as a promising new method for password management. Unlike passwords, passkeys are stored on local devices, reducing the risk of credentials being hacked through phishing attacks.
Donald Hasson, the chief product officer at Dashlane, stated that the goal is to eliminate instances where password input is required. This ambition is shared by Google, which has introduced a feature that allows account holders to create passkeys, aiming to phase out passwords across the industry.
With passkeys, users can sign into apps and sites in a manner similar to accessing devices with facial scans or fingerprints. This passwordless login system, as implemented by Dashlane, means users no longer need to create a master password to access the password manager service.
The reduction in the use of passwords is expected to lead to more phishing-resistant account creation across the technology industry. This is a crucial step, as phishing attacks are a significant contributor to data breaches and ransomware attacks. Malicious actors often gain access to sensitive data through phishing attacks against company employees or third-party vendors.
Dashlane's elimination of the master password is also aimed at reducing the number of help desk calls related to password resets. Gartner estimates show that 20% to 50% of all help desk calls are related to resetting passwords, a burden that the shift towards passwordless authentication aims to alleviate.
The moves by Google and Dashlane are part of a broader industry effort to end the use of passwords as an authentication method. This includes the implementation of passwordless login systems like the one by Dashlane. However, it is yet to be announced who will be the next to follow suit and eliminate the need for a master password within the year or when this event is planned.
Despite these advancements, it is important to remember that the elimination of passwords does not mean the elimination of the need for strong security measures. Compromised credentials can still provide access to customer information, corporate secrets, and in some cases, company source code. It is crucial for users and businesses to remain vigilant and adopt best practices for online security.
