Given the rate at which emails and passwords are being stolen or leaked, it is fair to say that Internet security is a problem that concerns every web user. The truth is that the login+password pair is not the greatest way to secure access to your information, but the reality is that the whole web is built around that security scheme. At the moment, no more exotic form of security has been mass-adopted. PayPal, LinkedIn and many more have been victims of high-profile hacks.

One of the biggest problems is that many people use weak passwords (easy for a machine to guess), and this is compounded by the fact that they use the same (weak) passwords on multiple sites. If one gets hacked, then all may fall. One way of preventing this from happening is to use more complex and different passwords for each site. However, with potentially dozens of sites (I have about 150 sites in my manager), it becomes very hard, or just impossible, to remember them all. It’s human nature: even hackers have been found to use weak passwords at times.

Myris from Eyelock has been designed to solve this problem by letting you use extremely complex passwords, without having to remember them, ever. Myris will encrypt and store the passwords, and you can use a simple way to unlock them: just look at the device and your unique iris pattern will be used to decrypt the vault.

Strong and weak passwords: what are they?

In case you’re not sure what “Strong Password” and “Weak Password” mean, I would like to clarify this before continuing.

The main metric for Strong/Weak is how easy it is for a machine (or a human) to guess. The first thing that a human would do is to guess your password by using information related to you: birthday, pet name, spouse name, etc… People often use these because it’s easy for them to remember. Unfortunately, it’s also easy to guess with a little bit of work. Maybe there are 20-30 obvious data points here.

With the help of a computer, hackers can also try using all dictionary words and all known slang, famous character names, etc… They also have lists of the most frequently used passwords (here on iPhone) and of the worst passwords, which are even documented by some ridiculous studies on the topic. This means that if you use one of those, it is only a matter of time until they find the right one. Still, they must try tens of thousands of possible passwords in what is called a brute-force attack.

For you, the name of the game is to increase the number of possible combinations to make your login credentials harder to guess/crack. You can typically do that by mixing more characters in the password like capital letters, numbers and punctuation (like “sF154rhgES01#%”), or by simply making the password longer, maybe by using a pass-phrase like “yesterday Jaba the Hutt ate 10 bugs at diner”. Certainly, I think that the latter is easier to remember, but both are strong passwords.
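The guessing strategies described above can be put into numbers. The following Python sketch is an added example, not part of the original review: it picks the cheapest attack that would find a password (personal data, common-password list, or brute force over the character set) and reports the search space in bits. The word lists are constructed sample data, and the brute-force figure is an upper bound that assumes every character was chosen at random.

```python
import math
import string

# Constructed sample data (assumptions, not taken from the article).
COMMON_PASSWORDS = {"123456", "password", "qwerty", "letmein", "iloveyou"}
PERSONAL_FACTS = {"rex", "alice", "19840312"}  # pet, spouse, birthday

def charset_size(password):
    """Alphabet size a brute-force search must cover (ASCII classes only)."""
    classes = [
        (string.ascii_lowercase, 26),
        (string.ascii_uppercase, 26),
        (string.digits, 10),
        (string.punctuation, len(string.punctuation)),
        (" ", 1),
    ]
    return sum(size for chars, size in classes
               if any(c in chars for c in password))

def guess_strategy(password):
    """Cheapest attack from the text that would find this password."""
    lowered = password.lower()
    if lowered in PERSONAL_FACTS:
        return "personal-data"
    if lowered in COMMON_PASSWORDS:
        return "common-list"
    return "brute-force"

def search_space_bits(password):
    """log2 of the maximum number of guesses the cheapest strategy needs."""
    strategy = guess_strategy(password)
    if strategy == "personal-data":
        return math.log2(len(PERSONAL_FACTS))
    if strategy == "common-list":
        return math.log2(len(COMMON_PASSWORDS))
    size = charset_size(password)
    if size == 0:  # empty, or only characters outside the classes above
        return 0.0
    # Upper bound: assumes every character was picked at random.
    return len(password) * math.log2(size)

def assess(password):
    return guess_strategy(password), round(search_space_bits(password), 1)

if __name__ == "__main__":
    for pw in ["password", "Rex", "sF154rhgES01#%",
               "yesterday Jaba the Hutt ate 10 bugs at diner"]:
        print(f"{pw!r:50} {assess(pw)}")
```

A passphrase built from real words is weaker than its character count suggests if the attacker guesses whole words, so treat the brute-force figure as a ceiling.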

It is best to use one unique strong password for each site you subscribe to. However, memorizing such passwords quickly becomes impossible. That’s why password managers were invented.

A password manager is essentially a digital vault which contains all your passwords. Good password managers are (very) strongly encrypted so that if the vault were to fall into the wrong hands, it would be extremely difficult to crack.

