· Morgan Richards · Tech News · 3 min read
Better security comes with greater complexity
Modern cybersecurity offers stronger protections but adds complexity. Learn how passkeys, 2FA, and behavioural monitoring affect your online safety.
Antivirus software used to be a must-have for every computer. Big brands like Norton, Trend Micro, and McAfee promised protection from a tidal wave of viruses. These days, viruses are much rarer, especially if you steer clear of shady warez and torrent sites. Modern operating systems and web browsers now come with built-in protections that handle most of what antivirus software used to guard against.
That doesn’t mean the internet is safer. Cybercriminals no longer rely on meticulously-programmed viruses and trojans to infiltrate your devices. Instead, they use emails, fake websites, and messages to trick you into handing over passwords, banking details, or sensitive information. Many of these phishing scams are crude and easy to spot, but even canny users sometimes let their guard down and click on a dodgy link in a spoofed email.
In the past 15 years or so, banks, airlines, insurers, phone and internet providers, supermarkets, and just about every other company under the sun has gone online. This means millions upon millions of accounts, logins and passwords — and cybersecurity risks for every single customer on a user database.
The online arms race to keep user data secure from hackers and scammers has led to an overwhelming stack of passwords, passcodes, passkeys, and 2FA codes sent via text, email, or authenticator app, all just to prove it’s really you when you log in.
In the good old days, it was sufficient to set your Hotmail password to something like TopSecret!007 and add a security question, for example, “What was the name of your first pet?”. (Mine was “Noodles” — not that I would ever publicly disclose that, of course.)
Passkeys are the latest innovation, aiming to replace passwords with biometric authentication, like fingerprints or facial recognition. Your device generates a unique key pair—a private key stored securely on your device and a public key stored on the server. Logging in is as simple as unlocking the private key with your biometrics or PIN.
Passkeys reduce phishing risks and streamline logins but can be cumbersome if you use multiple devices. Accessing accounts on a new or shared device often requires transferring keys or setting up backups, which can quickly become confusing.
Banks and other sensitive platforms add further layers of complexity to prevent cybercrime. Many now monitor keystroke patterns, mouse movements, or behavioural cues to detect fraud. While these measures aim to protect users, they can also result in accidental lockouts, leaving users to navigate convoluted recovery processes.
Part of this whole situation is simply that so much more of the world is internet-first these days — and that means a lot more complexity to manage if you want to stay safe. Online security may be stronger than ever, but it has come at the cost of simplicity.
