A recent data breach that compromised 16 billion login credentials has raised questions about the relevance of passwords. Some experts argue that it’s time to abandon dependence on centralized databases and embrace a privacy-first mindset that leverages decentralization.
Seeking a shift toward a “privacy-first” way of thinking
The bombshell revelation of a massive data breach that compromised 16 billion login credentials has plunged internet users into a new wave of uncertainty, sparking fear that cybercriminals are already stealing personal accounts. Security experts are urging immediate password changes, but a notable counterargument holds that this reactive measure does not provide true protection against the same kind of intrusion in the future.
Experts interviewed by Bitcoin.com News argue that, rather than the traditional focus on simply changing passwords, the recent breach calls for a radical paradigm shift. They argue that it is time to abandon dependence on centralized databases that store sensitive user information and embrace a privacy-first mindset that fundamentally relies on decentralization.
COTI CEO Shahaf Bar-Geffen argued that while society has historically trusted its “authorities” and institutions, this model is not well suited to serving people in the virtual spaces that increasingly mediate our lives.
“A world based on traditional trust is not suitable for the online world, but it is still a dominant mode of operation. Business online often leads to traditional endpoints that leave a trajectory of qualifications exposed across the platform,” explained Bar-Geffen.
This perspective is shared by Nanak Nihal Khalsa, co-founder of Holonym. He states: “The problem is that companies are still using these rather than decentralized alternatives because they are cheap and convenient. But there are safer and more effective ways to authenticate users and store sensitive data.”
According to Bar-Geffen, one such method is the use of distributed, encrypted data that can be accessed without decryption through innovations such as zero-knowledge proofs (ZKPs) and homomorphic encryption.
As reported by Bitcoin.com News, CyberNews researchers who discovered the breach said it was not just a leak, but a “blueprint for mass exploitation.” Other experts warn that cybercriminals can leverage the leaked datasets to fuel identity theft, phishing and system intrusion.
Still, for others, the massive breach calls into question the relevance of passwords in an era of increasingly sophisticated cybercriminals. Although talk of eliminating passwords entirely has been going on for 10 years, Khalsa argues that no clear alternative has emerged to displace the password paradigm. As for passkeys, the Holonym co-founder said, “It’s advertised as a viable alternative to passwords.”
“There are common rumors that passkeys will replace passwords. However, passkeys are usually synced to a cloud account that ultimately relies on passwords. Encryption keys can also be used, but they are difficult to manage. Recovery techniques tend to rely on accounts that require passwords.”
Meanwhile, Bar-Geffen believes tools like distributed IDs, ZKPs and crypto wallets already serve as “secure user-controlled access and authorization methods.” However, the challenge is bringing businesses, governments and users around to a privacy-first approach. He also highlighted why adopting a privacy-first approach is important in the age of artificial intelligence (AI).
“There’s also the issue of incoming AI calls. With AI automation spreading, it’s important to move to new models (self-rich and permitted privacy). This will worsen the scale of data breaches and even make the Internet unusable without privacy without the new model.”


