Before checking your email, Instagram, or bank account, the one thing that you likely do first is enter your password. This amounts to little more than muscle memory because most people have already absorbed their passwords into their brains just as they do a relative’s birthday or their favorite athlete’s scoring statistics.
For any number of reasons, when it comes to their devices, many people choose not to use passwords at all, either because they think they have nothing valuable on their computers or because in their eyes, a hack is unlikely. Others justify a bare minimum password, which could mean setting their laptop’s start screen credentials to "123456," reusing an old login, or doing so with minor alterations.
This type of negligence might not have borne consequences yet, but is quite dangerous to leave unaddressed. Ask yourself a simple question: how similar is that password to the one protecting your truly treasured materials? Unfortunately, the answer is usually that they’re almost identical.
Humans have a hard time remembering strong passwords for each of their favorite applications, platforms, and accounts, so if they aren’t identical, then they’re often quite similar. Few have the memory required to contain tens of long-tail phrases, and this represents an immense security risk as computing technology gets more powerful. Thankfully, one of blockchain’s most pertinent uses will render these concepts obsolete.
What’s Wrong With Passwords?
Taking a strong password and altering it slightly isn’t a bad deterrent for humans trying to break into your device, but it’s not humans doing the breaching. Using passwords requires that we remember them, which automatically means that they’re simple enough for most computers to guess, given enough time. (See also: Can Bitcoin Be Hacked?)
Computers and their powerful algorithms can use brute-force tactics to guess thousands of potential letter and number combinations in seconds, so it doesn’t matter how clever you think your password is. However, an easily guessed password represents the lowest-hanging fruit for most fraudsters. There are many other ways they can get their hands on it, and from there, access to the rest of your accounts and assets.
Phishing emails are designed to look like those sent by legitimate institutions, and might prompt you to “change” your password, or install keylogging software that spies on the keys you press. Regardless of how they go about it, all these methods are designed to capture your password and then discover a bread crumb trail to your other sensitive information. This is a threat to individuals, surely, but for enterprise companies which still use passwords for work terminals, the risk is even greater. (See also: What Is a "Phishing Scam" and How Can They Be Avoided?)
When it comes down to it, the real problem with passwords is that they still exist. However, there were few alternatives available until blockchain began to show signs of maturity a short time ago. (See also: Cyber Wars: How The U.S. Stock Market Could Get Hacked.)
Credentials Courtesy of Blockchain
Blockchain is now spreading through the technology mainstream like wildfire, with developers and businesspeople alike in wonder over its powerful, decentralized methodology. One of the first proposed applications of blockchain was to create something called a self-sovereign ID, which employs cryptography and network cohesion to change how people identify themselves online.
The bottom-most layer of blockchain is the public ledger which records all transactions of data on its network and shares it in real-time between active nodes. However, there is no central authority to organize it. Instead, algorithmic consensus determines the veracity of transactions and their order on the ledger, creating a type of shared authority over what happens on the network.
Additionally, blockchain employs the highest standards of cryptography to create a layer between one’s public blockchain address and their real identity. A user is assigned one single private ID, which is paired to the public ID that represents themselves on the chain.
When they receive data, in the form of a cryptocurrency trade or message, for example, the recipient must use their private ID to access it. This dual-layered defense means that hackers are without a way to corrupt the network—thanks to decentralization—but also without a method of tying identifying information to any single transaction or account.
Putting Next-Generation Passwords Through Their Paces
Blockchain startups are already hard at work to put the idea of self-sovereign ID into practice, helping make passwords a thing of the past. Companies like SelfKey are using this new authentication paradigm to offer citizens in any country a standardized way to apply for and verify important documents across borders. Other companies like LastPass, which stores encrypted passwords in private accounts, have been attracting users in the last few years.
Applying for passports, opening a bank account, starting a charity and other common processes are more easily managed when an individual owns their own digital ID, and can use it freely and safely no matter how disparate the components of their livelihood.
REMME is a next-generation access protection -- and whose token sale reached its hard cap of $20 million in February -- distills the most important ideas of blockchain into a streamlined application that has a single, powerful purpose: the ability to log in to any service more securely, especially because passwords aren’t involved. Instead, the REMME blockchain stores a user’s unique device certificates on its decentralized network, so that when they want to log in to a web property or application, they simply need to click the REMME button to login. The application checks the ledger to verify that the correct device certificate is pinging for entry, and immediately grants entry into the account.
Two-factor authentication strengthens the deal, so if a user conceivably wants to get into their bank account, for example, they’d need to press the button on their bank’s page but also confirm from their phone. Such a service is leagues ahead of current-generation password managers like LastPass or NoPassword, and is already gaining notoriety in the marketplace.
These are some of the most evolved examples available of how blockchain is revolutionizing the idea of digital credentials. No longer will users need to reconcile their own memory with their safety, and neither will they entrust their login information to centralized authorities. What results is a more secure technique for managing our digital existence, and a simple product that combats existing exploits in a streamlined package. With these kinds of solutions on the horizon, it’s only a matter of time before hacks like the one perpetrated against Equifax’s servers last year exist only in the dustbin of history. (See more: Was I Hacked? Find Out If the Equifax Breach Affects You.)
Investing in cryptocurrencies and Initial Coin Offerings ("ICOs") is highly risky and speculative, and this article is not a recommendation by Investopedia or the writer to invest in cryptocurrencies or ICOs. Since each individual's situation is unique, a qualified professional should always be consulted before making any financial decisions. Investopedia makes no representations or warranties as to the accuracy or timeliness of the information contained herein. As of the date this article was written, the author owns cryptocurrencies.