We’ve Done Our Passwords All Wrong

Passwords are one of our favorite villains. We have long advocated the use of hardware dongles. And Apple, among others, have created various technologies that scan fingers or faces. Most recently, shipments of their iPhone X are being delayed because of problems with critical components (cutely named Romeo and Juliet). There is even a novel by Scott Allan Morrison, “Terms of Use”, in which the hero invents a way to scan an eyeball.

But the conventional wisdom, originally spelled out by NIST (the National Institute of Standards and Technology) to make them complicated (and thus virtually impossible to remember) has been replaced by NIST itself. Now, long but simple phrases that are meaningful to the user are advised, because they are easy to remember but hard for hackers to break.