Oracle founder and CTO Larry Ellison announced a bold plan to eliminate passwords for Oracle employees within the next year. Speaking at Oracle CloudWorld 2024 in Las Vegas, Ellison criticized passwords as insecure, outdated, and dangerous. “The idea that we use passwords is a ridiculous idea.
It’s obsolete. It’s very dangerous,” Ellison said during his keynote address. He pointed out that passwords, often requiring complex combinations of characters, are prone to being forgotten and easily stolen.
Ellison suggested that biometric security measures, such as facial recognition or thumbprint recognition, are more secure and user-friendly alternatives to passwords. “Biometric logins are much easier to use, faster, and more secure,” he claimed. “You point your smartphone at your face for a couple of seconds, or you put your fingerprint on a sensor.”
However, Ellison acknowledged that biometric technology is not without its challenges.
Oracle’s biometric future without passwords
Security incidents in recent years have raised concerns about the safety of storing vast amounts of personal data. In 2020, Clearview AI was hacked, though the breach only exposed the company’s client list.
In 2018, civil liberties group Big Brother Watch reported a 98% failure rate in facial recognition technology used by UK police to identify criminals. Deepfake technology also poses a growing threat to biometric security. In one incident, a finance worker in Hong Kong was tricked into transferring $25 million to cybercriminals who used deepfake technology to impersonate the company’s chief financial officer in a conference call.
Despite these concerns, Ellison remains optimistic about the potential of biometrics to significantly improve cybersecurity, provided that companies exercise caution in handling and protecting biometric data. He noted that biometric technology could enhance security in other sectors, such as credit cards or schools, to prevent unauthorized physical access. “It becomes very difficult to impersonate somebody else if you have proper user authentication,” Ellison added.
Oracle’s commitment to eliminate passwords internally within the next year is a bold step towards a biometric future in cybersecurity.
