1 minute read
TIMELINE
from Cyber - March 2023
A WORLD WITHOUT PASSWORDS: THE RISE OF PASSWORDLESS TECH
From MFA to biometrics, the humble password could soon be a thing of the past. Cyber Magazine looks at the past, present, and future of passwordless technology
Advertisement
1960 S 1980 S
The origin of the password arrived in the mid-1960s at MIT with the development of the Compatible Time-Sharing System. It allowed hundreds of users to share the computer with a common mainframe. The password was developed as an accounting tool to allow users access to their specific resources for a certain amount of time.
One-time passwords
The first version of ‘passwordless’ authentication arrived in the 1980s in the form of dynamic, one-time passwords (OTP) held on physical fobs. OTPs would eventually develop into two protocols: time-based OTPs (TOTP) and cryptographed hash-based message authentication codes, or HMAC OTPs. Dynamic OTPs are still widely used as an authentication protocol.
2011 2013
Touch ID
The rise of mobile boosted the popularity of passwordless technology. In 2013, Apple introduced Touch ID, a precursor to Face ID, making passwordless biometric authentication ubiquitous today. Since then, passwordless strategies have allowed mobile-first businesses to authenticate users and perform account verification in a single, easy step through a user’s mobile phone.
Multi-factor biometrics
In late 2011, IBM predicted that “multifactor biometrics” would become the dominant authentication protocol, creating a completely passwordless world. Two years later, in 2013, Google announced it had made multi-factor authentication protocols standard within the organisation.
Single Sign-On
The first Single Sign-On solutions appeared with Active Directory in the late 1990s, an early Access Management system that was first launched with Windows 2000 Server Edition. SSO helped organisations manage user authentication across an entire network of applications.
Multi-factor authentication
The late 1990s and 2000s saw the rise of multi-factor authentication. AT&T actually holds the earliest recognised patent – dating back to 1998 – but multi-factor auth (MFA) and single sign-on (SSO) really took off when organisations like Google began building them into their applications as a form of passwordindependent authentication.
