Technologist - The FindLaw Legal Technology Blog

Should You Dump Passwords for Face ID or Biometrics?

In these modern times of i-devices and wireless everything, cybersecurity is really important. From phishing scams to firewalls, lawyers and law firms need to be in the know in order to avoid being victims. Minimally, practicing good password security is a must as being duty bound to protect client information means potentially massive liability for data breaches and passwords are generally the keys to the data kingdom.

Among the most promising cybersecurity developments involves the integration of biometrics into authentication processes. Basically, using biometrics means that a malicious hacker cannot break into a password protected system by cracking the password because the password isn't typeable, at least in the traditional sense.

Surprisingly, biometric passwords, like a fingerprint or Apple's newest Face ID, are rather popular among employees (especially lazy and negligent ones), and are also good for business. Below, you'll find a few reasons to consider dumping your old passwords and jumping on the biometrics bandwagon.

It's Time to Change Your Password, Again

Logging into a computer, network, application, or online service takes time. It can often take too long because passwords and usernames get forgotten at an alarming frequency. Also, employees are notoriously careless with password maintenance and safekeeping. It is rather common to find employee passwords posted on post-it notes around work stations. After all, when an employee has to change their password every couple months and has a laundry list of rules to abide by, not writing it down somewhere will likely result in a call to tech support, and some lost time, to get the password reset.

Using a biometric password, like your fingerprint or face, means that employees never have to write down their passwords for fear of forgetting them, and your tech support team will no longer have to field the continual verification requests to reset passwords.

From Password to Passface

While Face ID is still rather new to the scene (at least Apple's version of it), using biometrics as an authentication tool not only appeals to the forgetful employees, but also promises to be more secure for employers. Sharing a password is easy, and while convenient and rather common, doing so creates potential security problems, particularly when it comes to monitoring systems use. Implementing biometric passwords essentially prevents others from being able to logon to someone else's accounts, thereby making monitoring, and tracing a breach, a simpler task.

It is worth noting however that passwords, in the eyes of the court, are different than biometric authentication processes. As courts have ruled that criminal defendants are required to unlock devices secured by a fingerprint (rather than by a password which cannot be compelled thanks to the Fifth Amendment), it's anticipated that other biometric processes, like Face ID, will follow the same logic.

Related Resources: