R.I.P. Passwords: How HYPR’s True Passwordless Security Is Changing the Game

Dcode

People have been predicting the demise of passwords as early as 2004, when Bill Gates stated at the RSA Conference that passwords “just don’t meet the challenge for anything you really want to secure.”

Despite concerns about online security and password strength, the statistics around password security are alarming. Just over one-fifth of American and British consumers use passwords that are more than 10 years old, and close to half use passwords that are more than five years old. To demonstrate the sad state of affairs: among the most popular passwords are “123456” and “password.”

As you might imagine, password security is the stuff of nightmares for the U.S. federal government. At once the nation’s single largest employer and primary body politic, there are millions of people who require access to government systems on a daily basis. That these processes be reliable and secure is essential; in fact, our safety depends on it.

Passwords are a major liability, which is why HYPR Corporation has figured out a way to do away with them entirely. Today, HYPR is the world’s leading provider of True Passwordless Security.

HYPR is the first authentication platform designed to eliminate shared secrets, effectively removing hackers’ primary target (passwords) and eliminating fraud, phishing, and credential reuse for both consumers and employees across the enterprise.

Unlike legacy authentication solutions, HYPR replaces passwords and other shared secrets such as PINs and one-time passwords (OTPs) by leveraging commonplace mobile devices’ passwordless authenticators (biometrics) and enhanced security features such as hardware trust zones that store private keys below the smartphones’ operating systems.

Tying it all together is Public-Key Cryptography (PKC) and open standards such as FIDO Alliance ones, which the National Institute of Standards and Technology (NIST) cited in a recent cybersecurity practice guide. These advances in mobile devices and open-source standards enable HYPR to decentralize authentication so that a user’s credentials are never shared and always remain safely stored on their personal devices.


A team of cyber gurus founded HYPR Corp in 2014 in New York City, and it has since raised close to $14 million in funding. Leading the company is CEO and cofounder George Avetisov, who made the 2019 Forbes 30 Under 30 List in the Enterprise Technology category.

The private sector has already started to embrace HYPR as a powerful cybersecurity tool. Giants such as Samsung, Mastercard, and Aetna are in HYPR’s impressive portfolio of commercial clientele, investors, and partners.

There are several reasons why customers are eager to take advantage of the security solution that HYPR offers. Primarily, HYPR technology rids the need for passwords and shared secrets altogether with respect to access by both internal enterprise employees and the customer-facing side.

For example, HYPR could enable you to securely log into your IRS account to pay your bill without being slowed down by password prompts. Eventually, HYPR engineers are looking to incorporate the solution in IoT technology. (Don’t be surprised when we all start using mobile or wearable devices to log into our smart houses.)


Other solutions that claim to provide passwordless security are misleading. More often than not, passwordless security involves just scrubbing passwords from the user interface instead of truly eliminating them under the hood.

HYPR, on the other hand, provides a decentralized biometric tokenization scheme that gives enterprises the option to replace the use of centralized password-based systems. By forcing malicious hackers to divert attention from a centralized server to many personal devices, this scheme decreases the viability of an attack on the client-server authentication channel, rendering the common, server-side data breach utterly unscalable. HYPR also forces a hacker toward an unscalable, unprofitable undertaking.

With cyberattacks at an all-time high, it might be time to abandon passwords for good. In the meantime, you have to stop thinking that “blink182” is a good password.

Dcode

Written by

Dcode

Connecting the tech industry & government #DcodeTheGov

Welcome to a place where words matter. On Medium, smart voices and original ideas take center stage - with no ads in sight. Watch
Follow all the topics you care about, and we’ll deliver the best stories for you to your homepage and inbox. Explore
Get unlimited access to the best stories on Medium — and support writers while you’re at it. Just $5/month. Upgrade