Mansour highlights safer, smarter future with passwordless authentication

Image
Christopher Mansour

In an era marked by increasing cyber threats and digital fatigue, Dr. Chris Mansour, associate professor of Cyber Security at Mercyhurst University, presents a compelling case for the future of online security, advocating for the shift from traditional passwords to passwordless authentication.

From phishing scams and data breaches to the endless frustration of forgotten logins, the pitfalls of passwords are well known. Mansour maintains that as cyberattacks grow more sophisticated, it is time for our defenses to evolve. In a recent commentary, he explores the vulnerabilities inherent in password-based systems and introduces passwordless authentication as a superior alternative—both in security and user experience.

Passwordless authentication replaces “something you know” (passwords) with “something you are” (biometrics), “something you have” (a secure device), or a one-time, cryptographically protected link. These methods not only make it harder for attackers to gain access but also streamline the login process for users.

Mansour explains how leading companies like Google and Apple are already adopting passwordless solutions through “passkeys,” allowing users to authenticate using the same fingerprint, facial recognition, or PIN they use to unlock their devices. These technologies keep biometric data stored securely on the user’s device, safeguarding privacy while improving security.

“Passwordless authentication isn’t a futuristic concept—it’s already here,” Mansour said. “It’s time we all take steps toward a more secure and convenient digital experience.”

Mansour shares his insights in an accessible guide here