Two-Factor Is Too Hard? It Needn't Be

Two-factor authentication is vastly more secure than just relying on passwords, but if it's a pain in the neck to use, people will reject it. If it's going to succeed, it has to be easy.

By Neil J. Rubenking
May 27, 2015

One problem with passwords for security is that the bad guys can guess simple passwords, yet the good guys can't remember strong passwords. You can solve that one by installing and using a password manager. The other problem is worse, in a way. Anybody who knows your password, no matter who or where they are, can use it to unlock your account. Two-factor authentication is the vaunted solution to the second problem…but there's a new problem.

Two-Factor Is Too Hard
The important thing about two-factor authentication is that it buttresses the password (something you know) with biometric technology (something you are) or some kind of device-based solution (something you have). So far, though, many two-factor solutions are just enough trouble that users reject them.

Biometric implementations typically take the form of fingerprint authentication. First, that means they're only good for devices that include a fingerprint reader. Second, you typically need to enroll multiple fingers on each device where you'll be authenticating. Don't get me wrong, biometrics can be great. Touch ID is one of the best things about my iPhone 6, but it doesn't help me on other devices.

Google Authenticator, Twilio Authy, and various SMS-based solutions make your smartphone part of the login experience. After entering your password, you receive a notification containing a one-time code to complete the authentication process. Right. So, enter the password, dredge your phone out of pocket or purse, peer at it while entering the code (hurry; those codes are only good for a short while). That's not a smooth experience.

You authenticate with the FIDO 2FA Security Key by inserting it in a USB port and touching its button. Here again, you have to drag the device out of wherever you keep it and stick it in the port. Oh, and if the device you're using doesn't support USB? Oops.

A New Simplicity
Couldn't it be easier than that? Couldn't your possession of the smartphone be considered enough? The folks behind the Keeper Password Manager think so. Just released, the new Keeper DNA authentication system requires just a tap. You'll still have to whip out your smartphone, but you no longer need to poke at the keys to enter a code. And those using the Apple Watch can authenticate with a twist of the wrist and a tap.

Not to be left behind, Twilio has just announced Authy OneTouch, which works just like Keeper DNA and also supports the Apple Watch. It will be a little while before app vendors and websites actually implement Authy OneTouch, but the company is confident that it will "soon become the standard for push authentication everywhere."

Everybody wants their privacy and security protected, but nobody wants to spend a lot of time and effort. Any time a security solution introduces extra steps or other sorts of "friction," users will reject it. I'm impressed by the streamlined new approach taken by Keeper and Authy; I hope other vendors keep simplicity in mind.


About Neil J. Rubenking

Lead Analyst for Security

When the IBM PC was new, I served as the president of the San Francisco PC User Group for three years. That’s how I met PCMag’s editorial team, who brought me on board in 1986. In the years since that fateful meeting, I’ve become PCMag’s expert on security, privacy, and identity protection, putting antivirus tools, security suites, and all kinds of security software through their paces.

Before my current security gig, I supplied PCMag readers with tips and solutions on using popular applications, operating systems, and programming languages in my "User to User" and "Ask Neil" columns, which began in 1990 and ran for almost 20 years. Along the way I wrote more than 40 utility articles, as well as Delphi Programming for Dummies and six other books covering DOS, Windows, and programming. I also reviewed thousands of products of all kinds, ranging from early Sierra Online adventure games to AOL’s precursor Q-Link.

In the early 2000s I turned my focus to security and the growing antivirus industry. After years working with antivirus, I’m known throughout the security industry as an expert on evaluating antivirus tools. I serve as an advisory board member for the Anti-Malware Testing Standards Organization (AMTSO), an international nonprofit group dedicated to coordinating and improving testing of anti-malware solutions.
