Password successors continue to show flaws

With users consistently struggling to create and remember sufficiently strong passwords, and hackers proving increasingly capable of exposing vulnerabilities, many pundits have called for a new online security paradigm that makes passwords a thing of the past. However, this line of reasoning may be too simplistic.

"The spectacularly incorrect assumption 'passwords are dead' has been harmful, discouraging research on how to improve the lot of close to 2 billion people who use them," explained Microsoft researcher Cormac Herley, according to the New York Times. "Passwords have proved themselves a worthy opponent: all those who have attempted to replace them have failed."

The so-called picture password model being developed for Windows 8 has already had to answer for potential weaknesses, including the trail of clues left by users' fingerprints in their series of gestures. According to the Times, white hat hackers have also debunked the facial recognition technology in the latest Android operating system, demonstrating that a relatively clear photograph of the device's owner can be used to crack the code.

Instead of looking for the next best thing, it may be smarter to shift focus to password manager tools and other emerging innovations. Experts insist that - in most circumstances - unique, well-constructed passwords can still provide sufficient protection from online security threats.