Requirement 2b — Authentication in Daily Life

Every day, you prove who you are dozens of times. You unlock your phone. You log into email. You swipe a student ID card. You might even use your fingerprint to access your parents’ computer. Modern society relies on three main ways to verify identity: tokens (physical objects), passwords (secret knowledge), and biometrics (your body). Let’s explore each one and see how they fit into your daily life.

Tokens: The Physical Key

A token is a physical object that proves you are who you say you are. The most common tokens are:

ID Cards and Credentials Your school ID, driver’s license, passport, and employee badge are all tokens. They have your photo, signature, and official seal from an authority (your school, the government, your employer). When you show your driver’s license to prove your age or your passport to enter a country, you’re using a token. The token proves you were authorized by that institution to have one.

Key Cards and Fobs Many office buildings, apartment complexes, and gyms use card readers. You tap a plastic card or fob to a scanner and the door unlocks. That card is a token—it’s a physical proof that you’re authorized to enter. If you lose the card, someone else could use it to enter. If the institution knows you’re no longer authorized, they can deactivate the card.

Physical Keys A traditional key is the simplest token. It fits a specific lock and only people with that key can open it. A car key, a house key, a locker key—all tokens.

The Token Weakness Tokens have a big problem: they can be lost, stolen, or forgotten. If you lose your car key, someone who finds it could steal your car. If you lose your access card, someone could impersonate you at work. For this reason, modern systems often combine tokens with passwords or biometrics for extra security.

Passwords: The Secret Knowledge

A password is something only you know. It’s the most common security method in the digital world. Your email password, your social media password, your banking PIN—these are all secrets that only you should know.

Why Passwords Work If only you know your password, then only you can log in. It’s simple and it works. When you enter your password, the computer compares it to the stored password and grants you access if they match.

The Password Problem Passwords have serious weaknesses. People reuse passwords across multiple sites. People write them down. People share them. Hackers use software to guess weak passwords quickly. “123456” is the most common password in the world—it’s essentially useless as security. And as your digital life grows (email, social media, banking, games, streaming services), remembering dozens of unique, strong passwords becomes impossible.

Password Best Practices

• Use passwords with mix of uppercase, lowercase, numbers, and symbols
• Never reuse passwords across different sites
• Use a password manager to store complex passwords securely
• Enable two-factor authentication when available (a second security layer beyond just the password)
• Never share your password with anyone, not even friends or family

Biometrics: Your Body as a Key

Biometrics use a measurable feature of your body to verify your identity. The most common biometric identifiers are:

Fingerprints Your fingerprints are unique and permanent. They don’t change throughout your life. Biometric fingerprint readers are now standard on smartphones, laptops, and access control systems. They’re fast, convenient, and secure.

Facial Recognition Your face is as unique as your fingerprint. Many modern phones and airports use facial recognition. A camera captures your face and compares it to an enrolled image. If they match, you’re granted access.

Iris Scans Your iris (the colored part of your eye) has complex patterns unique to you. High-security facilities sometimes use iris scanners because they’re extremely difficult to fool and can be done from a distance.

Voice Recognition Your voice pattern is unique. Some banking apps use voice recognition to verify you when you call. The system listens to your speech patterns and compares them to a voice sample you recorded when you enrolled.

Hand Geometry Some facilities use hand scanners that measure the length and width of your fingers and palm. It’s less common than fingerprints or facial recognition but still used in secure locations.

How Society Uses All Three

In reality, organizations combine these three methods to create layered security. Here are real examples:

Your Smartphone

• Token: The phone itself. If someone steals your phone, they have a token.
• Password: Your PIN or password to unlock the phone.
• Biometric: Your fingerprint or face to unlock it without typing the password.

Most phones let you choose: unlock with just your PIN, just your biometric, or both.

Your Bank Account

• Token: Your debit card.
• Password: Your PIN or password.
• Biometric: Some banks now allow fingerprint login.

When you withdraw money from an ATM, you use your card (token) and PIN (password). When you log in online, you might use your password and a code sent to your phone (multifactor).

Airport Immigration

• Token: Your passport.
• Password: Not typically used at immigration.
• Biometric: Your fingerprints and/or face scan.

The officer checks your passport (token) and your biometric data to confirm you are who the passport says you are.

Your School or Office

• Token: Your ID badge or access card.
• Password: May be required for sensitive areas or computer systems.
• Biometric: Newer facilities might use fingerprint or facial recognition readers.

The Future of Authentication

Society is slowly moving away from passwords because they’re weak and burdensome. The trend is toward passwordless authentication—using tokens and biometrics instead.

Companies like Apple, Google, and Microsoft are pushing “passkeys”—a modern approach that combines cryptography (mathematical security) with biometrics. Instead of remembering passwords, you verify who you are with your fingerprint or face, and the system confirms your identity cryptographically. It’s more secure and more convenient than passwords.