Skip to content

Passwords are giving way to better security methods, until these too are hacked | American small business

W.Humans are simply too dumb to use passwords. TO recent study password manager NordPass found that “secret” was the most used password in 2024. It was followed by “123456” and “password.” So let’s all praise that the password is dying.

Yes, we know we should use 20-letter passwords with strange symbols and numbers, but our minds can’t handle it. We use the same password for many accounts, whether it’s a newsletter subscription or our life savings. We all have too many passwords. That’s why we opt for what’s easiest to remember… and steal.

Hackers know this and our passwords are available to anyone with a few dollars thanks to the countless data breaches that occur almost daily on the dark web.

Now Mastercard, Visa and a host of other tech and financial companies are doing away with passwords. Mastercard aims finalize passwords and all that card data introduction by 2030. Instead, biometric methods like fingerprints or facial recognition will be used to see if it’s really you.

Microsoft, Apple, Google, Samsung and other big tech companies are moving toward what they call “access keys.” Under this security method, your PIN is saved both on the cloud provider’s site and on your device, so when you try to enter the site instead of (or in addition to) using a password, use the PIN that is authenticated in both places. and as long as you are on the same device you will have access allowed.

Until, of course, you lose that device or it’s stolen and the PIN is hacked. Or a hacker uses a fake imitation of your voice to trick an unsuspecting customer service representative with your stolen information. Or a hacker uses open source software to trick users into revealing their PIN when they try to log in to a site. It happens. More than would you like know. Or your biometric information is stolen through malware and then, using advanced AI with high-resolution photographs or 3D images, it is replicated. this already happens.

Spoiler alert: even in a post-password universe, your company data and your personal data are not safe. Tech companies will continue to come up with new ways to protect you and hackers will find their way. It is a war that will never end, supported by a multi-billion dollar industry that makes security tools and whose executives secretly salivate every time there’s a new bug because… hey, you better not cancel that subscription, or else!

It’s depressing but it’s no reason to give up. As a business owner, you have a fiduciary responsibility over your cash and business data. Then you must keep fighting. You make sure your employees are trained to spot potential scams (that’s the No 1 cause of non-compliance). You pay an IT company to load the latest (and, another spoiler alert, immediately outdated) security software on all of your company’s devices. You keep all your operating systems (Windows, iOS, etc.) up to date. You get cyber insurance. You back up your data. You do all these things because you’re supposed to. It will never guarantee the security of your data. But it will help minimize your risk.

And it’s all about risk. Life is about risk. You take risks when you cross a street, get on a plane, eat in a restaurant. You do this because there are rewards. At work, you are at risk of data breaches because technology helps you get things done faster, keep overhead low, increase sales, and make you and your people more productive. Enjoy the rewards of delivery services, mobile payment apps, social media and online gambling. Are these rewards greater than the risks of a data breach? For most, the answer is yes. It’s a choice. We know the costs. And we don’t do enough to protect ourselves. We all choose to take that risk.