November 16, 2004 10:18 AM PST
Gates: Passwords passe
- Related Stories
Firms tighten up business securityNovember 15, 2004
Things that scare Sun's SchwartzOctober 29, 2004
U.S. moves closer to e-passportsOctober 25, 2004
Digital Agenda: Homeland security--Companies profiting from fear (page 2)October 18, 2004
Microsoft under your thumbSeptember 8, 2004
Speaking at the Microsoft IT Forum in Copenhagen, Denmark, the Microsoft chair predicted that people will soon rely on alternative means of authenticating their identity.
"A major problem for identity systems is the weakness of passwords," Gates said. "Unfortunately, with the type of critical information (protected by) these systems, we aren't going to be able to rely on passwords. Moving to biometric and smart cards is a wave that is coming, and we see our leading customers doing this."
Gates added that Microsoft plans to issue smart cards to its employees for accessing the company building and their computers. The system will be based on Microsoft's .Net technology.
"In time, we will completely replace passwords," Gates said. "Having the .Net capability, we are very excited to see smart cards moving into this framework."
Smart cards contain a microchip that stores data. They have been used in cell phones and for online banking, among other things. Biometric technology is based on recognizing people's unique physical characteristics, such as facial structure or fingerprints, to authenticate identity.
There is growing acceptance in the technology industry that people need to supply greater proof of identity before being allowed to use corporate systems.
Last week, Howard Schmidt, the chief security officer for eBay and a former White House adviser on cybersecurity, called for greater use of two-factor authentication, in which people must supply two forms of identification.
"We're doing better security now, but we still depend on usernames and passwords as a way of getting online. We now have the technology for the end-user to have two-factor authentication. We expect to see security grow" and to see different security techniques being used together, Schmidt said, adding that people had to accept the need to supply more credentials.
Schmidt gave the example of how America Online was issuing two-factor Secure-ID tokens to many of its users. He said bank cards are also a good example of authentication: "They are something you have--the card--and something you know--the PIN."
The Microsoft IT Forum continues until Friday.
Dan Ilett reports for London-based ZDNet UK.
8 commentsJoin the conversation! Add your comment