Facebook's head of security wants passwords to become a 'thing of the past'

Alex Stamos, Facebook's global head of security, has something to say about passwords. They have to go.

Speaking at Irish tech conference Web Summit, Stamos said on Wednesday that he wants now-ubiquitous passwords - used to secure everything from social networking profiles to laptops and bank accounts - to become "a thing of the past."

He argued that the passwords came out of having multiple users on mainframe computers in the 1970s: They "make no sense in 2015."

So what comes next? Stamos doesn't pretend to know for sure. But he called on the security industry to be more tolerant of trials as people try to figure it out. "In security we're not very good at experimenting and letting people fail … We need to be more open about letting people move forward and try new [options] and make mistakes," he said, "without it being a massive scandal."

As more smartphones and devices become able to read biometric data (like fingerprints or irises), such scanners become an increasingly viable way to authenticate identities. Another possibility is use of two-factor authentication: Using a second device (typically a smartphone) to verify someone trying to log in is who they say they are. This doesn't necessarily do away with passwords altogether - but does reduce reliance on them.

Facebook isn't the only company thinking about how we'll secure devices in the future. In May 2015, Google made a change to its login screen - shifting the password entry prompt to a new page after the user enters an email. At the time, TechCrunch's Sarah Perez interpreted this as a hint of a "future beyond passwords," an "incremental step between the old way of doing things, and some future where Google hopes to augment or otherwise improve logins either by adding another layer on top of the password entry, or by doing away with the password altogether."