Gates: Passwords passe

Passwords will soon be a thing of the past, replaced by biometric and smart-card technology, Bill Gates reiterated on Tuesday.

Speaking at the Microsoft IT Forum in Copenhagen, Denmark, the Microsoft chair predicted that people will soon rely on alternative means of authenticating their identity.

"A major problem for identity systems is the weakness of passwords," Gates said. "Unfortunately, with the type of critical information (protected by) these systems, we aren't going to be able to rely on passwords. Moving to biometric and smart cards is a wave that is coming, and we see our leading customers doing this."

Gates added that Microsoft plans to issue smart cards to its employees for accessing the company building and their computers. The system will be based on Microsoft's .Net technology.

"In time, we will completely replace passwords," Gates said. "Having the .Net capability, we are very excited to see smart cards moving into this framework."

Smart cards contain a microchip that stores data. They have been used in cell phones and for online banking, among other things. Biometric technology is based on recognizing people's unique physical characteristics, such as facial structure or fingerprints, to authenticate identity.

There is growing acceptance in the technology industry that people need to supply greater proof of identity before being allowed to use corporate systems.

Last week, Howard Schmidt, the chief security officer for eBay and a former White House adviser on cybersecurity, called for greater use of two-factor authentication, in which people must supply two forms of identification.

"We're doing better security now, but we still depend on usernames and passwords as a way of getting online. We now have the technology for the end-user to have two-factor authentication. We expect to see security grow" and to see different security techniques being used together, Schmidt said, adding that people had to accept the need to supply more credentials.

Schmidt gave the example of how America Online was issuing two-factor Secure-ID tokens to many of its users. He said bank cards are also a good example of authentication: "They are something you have--the card--and something you know--the PIN."

The Microsoft IT Forum continues until Friday.

Dan Ilett reports for London-based ZDNet UK.

[unknown unknown]

Thumbprint scanners can be defeated with gummy bears.

<EOM>

[unknown unknown]

Thumbprint scanners can be defeated with gummy bears.

<EOM>

[i,Jimbot]

Blah blah blah.....

For decades, Bill Gates has made predictions that are supposed
to happen "in the future" or "very soon". When most of his
predictions don't come to pass, he's never held accountable.

His is the shotgun approach - make a lot of predictions and one
or two may turn out to be true. Meantime, look at the
predictions he made about what Longhorn is supposed to do.
Now it's late and it's not going to do many of the things he said
it would.

This guy is no seer - he's a businessman.

[i,Jimbot]

Blah blah blah.....

For decades, Bill Gates has made predictions that are supposed
to happen "in the future" or "very soon". When most of his
predictions don't come to pass, he's never held accountable.

His is the shotgun approach - make a lot of predictions and one
or two may turn out to be true. Meantime, look at the
predictions he made about what Longhorn is supposed to do.
Now it's late and it's not going to do many of the things he said
it would.

This guy is no seer - he's a businessman.

Sorry, Bill

So if bill's idea falls through, your passwords are secure. Am I
the only one who still doesn't feel safe? Rooting a windows box
is 4 minutes for a script kiddie on neworder.box.sk, or some
other site, and guess what? Very few of those exploits involve
any form of password. We might be secure if we all used
thumbscanners, optical scanners, and voice identification, but
then again, our computers would also be fairly secure in a safe
in the middle of fort knox. Secure, but not convienent. I say if
people are having security problems with thier windows, get a
free-BSD or something. You know, a REAL computer.
Not trying to flame or anything, hell one of my computers is
windows, just pointing out what should be obvious.

-Charre

Sorry, Bill

So if bill's idea falls through, your passwords are secure. Am I
the only one who still doesn't feel safe? Rooting a windows box
is 4 minutes for a script kiddie on neworder.box.sk, or some
other site, and guess what? Very few of those exploits involve
any form of password. We might be secure if we all used
thumbscanners, optical scanners, and voice identification, but
then again, our computers would also be fairly secure in a safe
in the middle of fort knox. Secure, but not convienent. I say if
people are having security problems with thier windows, get a
free-BSD or something. You know, a REAL computer.
Not trying to flame or anything, hell one of my computers is
windows, just pointing out what should be obvious.

-Charre