Biometrics - Password Problems Solved?
Updated: Feb 5
What if you only ever needed to remember ONE password to access every site you're signed up to on the Internet?
It is estimated that around 7% of adults in the UK have never used the Internet (ONS 2019). The figure for people over 65 is around 8%. Pretty good eh? But let's examine those figures... There is a great difference between "using the Internet" as a casual "Googler" and information-gatherer, and using the Internet to shop, manage your bank account and access utilities and social media sites, each of which require you to sign-up and sign-in.
One of the most common reasons that people do not use these services is that they are confused by the baffling, and sometimes conflicting things they have heard about passwords and password management. This is a special problem for those of us living with dementia, whose failing organisational and memory skills make remembering user names and passwords a potential nightmare. Have a quick scan through the list of Do's and Don'ts below and you'll see exactly why so many people are daunted, and simply don't want to risk dipping their toes into e-commerce, banking or any other areas or sites that require logins.
And who can blame them?
Do create unique passwords that that use a combination of words, numbers, symbols, and both upper and lowercase letters
Don't use your network username as your password
Don’t use easily guessed passwords, such as “password” or “user”
Don't choose passwords based upon details that may not be as confidential as you’d expect, such as your birth date, your Social Security or phone number, or names of family members
Don't use words that can be found in the dictionary. Password cracking tools freely available online often come with dictionary lists that will try thousands of common names and passwords. If you must use dictionary words, try adding a numeral to them, as well as punctuation at the beginning or end of the word (or both!)
Don't use simple adjacent keyboard combinations: For example, “qwerty” and “asdzxc” and “123456” are horrible passwords and that are trivial to crack
Don't use the same password at multiple Web sites. It’s generally safe to reuse the same password at sites that do not store sensitive information about you (like a news Web site) provided you don’t use this same password at sites that are sensitive
Don't use the password you’ve picked for your email account at any online site: If you do, and an ecommerce site you are registered at gets hacked, there’s a good chance someone will be reading your email soon
Don’t store your list of passwords on your computer in plain text.
Blimey! what a long list!
All of the above information is valid and good practice - I can't fault it. But how do you manage to remember all of the complex, passwords you will generate? and where will you safely store them? Can you see now why there needs to be a simple, secure and friendly solution to these problems that will address the fears that deter people living with dementia and their carers from making full use of the wonderful opportunities afforded by Internet access.
Well guess what?
The solution exists! It's called biometrics. It can make life a lot easier for people living with dementia. And it's right under your nose.
Available for free within Windows!
What are Biometrics?
Biometrics is the science of measuring a person's unique physical and behavioural characteristics. The technology was originally developed for identification and access control and for identifying people who are under surveillance. The basic idea of biometrics is that every person can be accurately identified by their unique physical or behavioural traits.
The term biometrics is derived from the Greek words bio, meaning life, and metric, meaning to measure.
We all know that no two fingerprints are alike. The same thing applies to the iris and retinal patterns of the eye, the veins in our hands, our voices and the relative positions and size of our facial features. In a nutshell, unique human characteristics are measured, and the (biometric) information stored. This information is then used for comparison in future security checks. Types of biometrics include:
Finger geometry (the size and position of fingers)
Information gathered from any one or more of these sources can be used as an incredibly strong password.
How can I use biometrics to replace my passwords?
Here's what you'll need if you're a PC user (I'm afraid I haven't got the space to address solutions for other platforms in this article, but if you do a little online research, you'll find the answers you require). I'm going to concentrate on fingerprint readers in this article, but the set-up is more or less the same for other biometric devices.
I recommend the following:
A USB fingerprint reader - You can purchase a fingerprint reader either online or at Currys PC world for between around £20 to £60. This may sound like a lot of money, but these little USB devices can be used on any PC and are easily transferrable.
Fingerprint readers usually work straight out of the box - just look out for the smiley Windows Hello logo when you purchase one.
Secure password management software that supports biometric log-ins - There are many to choose from. Some are free and some work on a subscription model. In this article I'll be talking about the one I use called Keeper. Keeper stores all of my passwords and login information on the Cloud, so I can use the same information safely and securely from my mobile phone, tablet, desktop or laptop regardless of which operating system I'm using.
Windows Hello - Well. You'll be pleased to know that Windows Hello is already included for free in your Windows 11 Operating System. If you don't have Windows 11, you should seriously think of upgrading to it as it is much more secure than older versions.
Guide to setting-up
Get the fingerprint reader up and running on your system
Select Start > Settings > Accounts > Sign-in options Under Manage how you sign in to your device, you'll see three choices to sign in with Windows Hello:
Windows Hello Face to set up facial recognition sign-in with your PC's infrared camera or an external infrared camera
Windows Hello Fingerprint to set up sign-in with a fingerprint reader
Windows Hello PIN to set up sign-in with a PIN.
We'll select the Windows Hello Fingerprint option. We'll then be asked for a Personal Identification Number (PIN), just like the one you use in the cash machine. Choose it carefully and don't forget it - it will be the only password you'll ever need to remember when you've finished setting things up!
Next, a "wizard" will guide you through the process of recognising and storing your biometric fingerprint information by repeatedly touching the sensor until it has "memorised" your fingerprint. You can store up to ten fingerprints, and I recommend that you store at least four of your own (in case of injury) and perhaps one or two of your carer's or family members (if appropriate). Finished? Well done! once you restart your computer you can click on the little eye-shaped icon on the login screen and log onto your PC by simply touching the fingerprint reader pad. If for any reason your fingerprint isn't recognised, simply use the PIN you set up earlier. Full info can be found on the Microsoft website HERE:
Using your Password Manager
Once you've installed your Password Manager, you can use your fingerprint to access that too once you've selected the option "Windows Hello Login"in the Settings (see screenshot below).
Next, add all of your usernames and passwords to the password manager. It will store them in a securely encrypted vault. For any new sites, you can ask the password manager to generate you a random password. It can be very long and full of a mixture of letters, numbers and symbols, but you'll NEVER have to remember it because your password manager will automatically fill in the boxes when you log onto the site. The screenshot below shows a username and password entry for a parking website (don't worry, it's not active anymore!).
Hopefully, your now up and running with biometrics, and the burden of password management has been lifted from your shoulders. You can use complex, secure passwords without having to write them down or remember them. You will be much safer and more secure online.
I hope you have understood the thrust of this blog article. I'm not an I.T. professional, I'm just a bloke living with dementia who has found a coping strategy that enables me to use the
internet without the problems of managing multiple usernames and passwords with all of the issues of remembering, managing bits of paper, keeping notebooks that can be stolen and all of the other barriers that put people off of using the Internet to its full potential. Please let me know if you found this helpful, or tell me if I've got things wrong or could have provided more clarity. It's a fine balance between brevity and verbosity, so forgive me if I've got the wrong mix. And please let me know if you'd like me to write a little more on this topic. I'm quite excited about it because I think that biometrics can make life a lot easier for for people living with dementia.