Want CNET to notify you of price drops and the latest stories?

Gates: Passwords passe

Biometric and smart-card technology will replace passwords to verify ID, Microsoft head Bill Gates says--again.

2 min read
Passwords will soon be a thing of the past, replaced by biometric and smart-card technology, Bill Gates reiterated on Tuesday.

Speaking at the Microsoft IT Forum in Copenhagen, Denmark, the Microsoft chair predicted that people will soon rely on alternative means of authenticating their identity.

"A major problem for identity systems is the weakness of passwords," Gates said. "Unfortunately, with the type of critical information (protected by) these systems, we aren't going to be able to rely on passwords. Moving to biometric and smart cards is a wave that is coming, and we see our leading customers doing this."

Gates added that Microsoft plans to issue smart cards to its employees for accessing the company building and their computers. The system will be based on Microsoft's .Net technology.

"In time, we will completely replace passwords," Gates said. "Having the .Net capability, we are very excited to see smart cards moving into this framework."

Smart cards contain a microchip that stores data. They have been used in cell phones and for online banking, among other things. Biometric technology is based on recognizing people's unique physical characteristics, such as facial structure or fingerprints, to authenticate identity.

There is growing acceptance in the technology industry that people need to supply greater proof of identity before being allowed to use corporate systems.

Last week, Howard Schmidt, the chief security officer for eBay and a former White House adviser on cybersecurity, called for greater use of two-factor authentication, in which people must supply two forms of identification.

"We're doing better security now, but we still depend on usernames and passwords as a way of getting online. We now have the technology for the end-user to have two-factor authentication. We expect to see security grow" and to see different security techniques being used together, Schmidt said, adding that people had to accept the need to supply more credentials.

Schmidt gave the example of how America Online was issuing two-factor Secure-ID tokens to many of its users. He said bank cards are also a good example of authentication: "They are something you have--the card--and something you know--the PIN."

The Microsoft IT Forum continues until Friday.

Dan Ilett reports for London-based ZDNet UK.