Tuesday 23 April 2019 8:07 am

Humans aren’t just a mess of words and numbers – so why are our passwords?

Protecting your identity used to be straightforward. You had your computer on your desk in front of you. Content was restricted to you alone, and all you needed was a key card and a one-time password.

Then 30 years ago, the World Wide Web was born, and everything became a lot more complex.

Since then, the number of web pages has grown exponentially. We saw the introduction of search engines such as Google. Kids started using computers to do their homework. Now, many of us don’t even use a computer at all – we instead use smartphones and surf the web via a range of connected devices.

Today, roughly 50 per cent of the world (3.6bn people) have internet access. But the growth of online data means that cyber attacks are becoming more frequent and severe.

It’s also becoming much easier for hackers to get a hold of a person’s digital identity. Currently, the onus is very much on consumers to ensure that they are being smart with their choice of passwords.

But many continue to use duplicate passwords – so if there’s one breach, they open themselves up to being attacked across their full range of online accounts.

Last month, Sir Tim Berners-Lee, the inventor of the World Wide Web, said that “global action is required to tackle the web’s downward plunge to a dysfunctional future”, and that problems such as data breaches, hacking, and misinformation need to be solved.

His comments beg the question: if we could trace the concept of identity back to where it first started, when there was more control, could we have avoided issues such as the Cambridge Analytica scandal?

While we can’t travel back in time (yet), we can design the future of identity so that technology adapts to humans – not the other way around.

As humans, we assess and verify a person’s identity constantly in everyday life, by recognising triggers such as tone of voice, body language, and other idiosyncrasies. It’s a continuous process, not a one-time transaction.

As we look at the future of the web, we’ll see technology move towards recreating these human, physical interactions.

In identity, this means authenticating a user based on their biometrics and behaviours, including how they’re typing, what time they’re active, and what location or device they’re logging in from.

We can use that information to detect anomalies. More natural forms of authentication will help us maximise data security and privacy, while providing a great user experience.

As consumers, we demand speed and don’t want to navigate a complex login process, but we also expect companies to protect our personal data and prevent data breaches with robust authentication. Emerging technologies, such as biometrics, offer the best of both worlds, making the internet more secure in one click or less.

Our digital identity is becoming as important as our physical one, and we should be able to navigate the online world without worrying about our credentials being stolen.

Humans aren’t simply a mess of words and numbers – nor should our passwords be.

City A.M.'s opinion pages are a place for thought-provoking views and debate. These views are not necessarily shared by City A.M.