We’ve Done Our Passwords All Wrong

Passwords are one of our favorite villains. We have long advocated the use of hardware dongles. And Apple, among others, has created various technologies that scan fingers or faces. Most recently, shipments of its iPhone X are being delayed because of problems with critical components (cutely named Romeo and Juliet). There is even a novel by Scott Allan Morrison, “Terms of Use”, in which the hero invents a way to scan an eyeball.

But the conventional wisdom on passwords, originally spelled out by NIST (the National Institute of Standards and Technology), was to make them complicated (and thus virtually impossible to remember), and that advice has been replaced by NIST itself. Now, long but simple phrases that are meaningful to the user are advised, because they are easy to remember but hard for hackers to break.

Let’s Replace Passwords by Hardware Dongles

Passwords are not only a pain in the butt, but they don’t work very well to keep the bad guys from accessing your private data. As all the recent blackmailing of individuals to prevent their data from being destroyed and the millions of dollars being stolen from banks show, stronger measures are needed. Better passwords, e.g., ones based on the suggestions of a columnist in the Bay Area, may prevent some of this theft. But we continue to campaign for the development of hardware dongles that are far more secure, and continue to wonder why more progress is not being made on them.