PASSWORDS AT YOUR FINGERTIPS

The reality of computing today is that you must use (and keep track of) a multitude of personal username/passwords combinations. While a fair number of software programs running on your PC need such protection, (perhaps five to ten) the explosive use of Internet commerce can make managing the number of such passwords overwhelming.

As consumers continue to use Web sites for paying bills, ordering goods and services and managing finances and investments their need for privacy and security increases substantially. You might not personally think about such issues on a daily basis, but just imagine for a moment the havoc that could be created if anyone were to gain access to all of your Web site log-in and password information.

Not only would such access allow for theft of your assets, (through simple account transfers) but the malicious opportunities are endless. In a matter of minutes someone else could book you on an expensive (and non-refundable) flight to China, shift all of your investments into a risky penny-stock, delete all of your automatic bill-payments, and enter several "winning bids" for you at action sites, and for merchandise you're un-likely to appreciate.

Unfortunately, while online security needs continue to increase in complexity many users respond to these overwhelming demands by actually lessening their diligence. In order to cope, simple (and risky) tactics become rather appealing. You won't have to look far (perhaps in any mirror) to find users who:

While each of these strategies creates substantial risk, they are understandable given the alternatives. Anyone who uses complex and distinct username/password combinations has certainly experienced a great deal of frustration as a result of their security consciousness. If you're in this group, you have no doubt:

In the end, software and Web site security is very much a Catch-22 - with either approach to protecting your sensitive information having undesirable consequences.

While there are a number of potential solutions to this problem, one of the most intriguing is the use of bio-metrics (analysis of voice, fingerprint, retinas, etc.) in order to restrict access for privacy and security.

The main benefits to such an approach are that bio-metric information is highly unique to each individual, and is also quite difficult to replicate by others.

While bio-metrics is not a new concept in security, what has changed is the ease of implementation, and also the issue of affordability.

I have recently tested such a bio-metric device that uses fingerprint analysis, the Targus DEFCON Authenticator. With a suggested retail price of just $120, the Authenticator moves bio-metric security into a price range that can be considered affordable and reasonable to just about anyone, especially when you consider all that the device does.

The Authenticator comes bundled with Softex's OmniPass software, and it's this combination that creates a compelling and efficient security solution. Rather than simply authenticating a user for access to the entire computer, OmniPass keeps track of all username/password combinations used for accessing both software and Web sites.

This allows you the freedom to create complex, unique and secure logins for each program and Web site that you use, but without having to personally remember them or having to record them where they might be discovered by prying eyes.

Instead, when you launch a password protected program or Web site, the OmniPass software will "auto-complete" your login, but only after first scanning your fingerprint to verify your identity.

As a result, while anyone in your home or workplace (or a thief) may be able to access your computer, they will be completely unable to access private and sensitive information without your fingerprint!

While it takes a few days to get into used to having your fingerprint scanned each time you want access to a protected program or site, it soon becomes second nature. The extra effort is well worth such exceptional security, and is certainly preferred to having to remember or record passwords for an endless stream of Web sites.

In order to receive the full security benefits of this technology, you should consider changing existing login and password combinations (assuming that many are not as unique and secure as they should be) and then also clear any logins that have been already stored by your browser.

While the Targus DEFCON Authenticator has many benefits, and is both affordable and quite small, there are some limitations.

First of all, while configuring the software and fingerprint scanner is not especially difficult, the documentation was not particularly well done, and some patience is required. Additionally, not every program or Web site is designed in a way that the OmniPass software would recognize, though most are. Finally, the software does not appear to function with browsers other than Internet Explorer, which will be a major drawback for some.

That said, the Authenticator itself functioned flawlessly and the overall packaged presents a simple way to apply substantial privacy and security at a time when most are in greater need of both than they probably realize.

Specifications and details for the Targus DEFCON Authenticator can be found at: http://www.targus.com/us/accessories_security.asp along with their other security products.

--

Copyrighted with all rights reserved by Stephen M. Canale