An Overview of the Present and Future of User Authentication

Cybersecurity is an ever-evolving discipline that aims to protect every aspect of an information system, including its users, from digital threats, adversaries and attacks. When it comes to the overall security of an account or a system as a whole, the combination of people and passwords have always been considered the weakest link in the chain since poorly chosen weak, leaked, reused and easy-to-remember passwords still continue to pose an insurmountable threat to the security of innumerable accounts and systems. Yet, much to the dismay of cybersecurity specialists and researchers from all over the world, password-based authentication still remains as one of the most dominant ways of verifying a user s identity, thus making our password-protected accounts, systems and devices a highly lucrative target for cybercriminals. This paper aims to highlight the strengths and weaknesses of passwords in comparison with various other techniques such as multi-factor and adaptive risk-based authentication schemes that have been adopted over the years to augment password-based authentication systems as well as discuss the recent advent of the FIDO2 authentication standard that aims to bid adieu to passwords in favor of making biometric and possession-based authentication the new norm by making them more easily accessible to developers and users alike while ensuring an optimum level of security and privacy at all times.

Year of Publication
Date Published
Google Scholar | BibTeX | DOI