Passwords: A Necessary Evil?
Passwords can often be a tiresome ordeal.
When creating passwords, we feel afraid of making them too simple in the event of having our accounts breached by hackers, but perhaps equally as afraid of making them too complex, in-case we find ourselves struggling to remember them when requiring instant access.
On any given day, we access Emails, post on Instagram, or order groceries online, we are bound to forget one password, or at least mistype it.
Perhaps you are one of those people who can’t help but scribble your passwords onto post-it notes and stick them to your monitor. Sure, you are less likely to forget them, but hardly a secure method.
So, just how important are passwords in our ever-advancing, technology dominated society and why do we use them?
What’s so great about passwords?
What has made passwords so compelling is that they solve multiple problems simultaneously.
A password verifies the identity of an individual, since only the correct person would know the correct order of letter, number or symbols.
Requiring a password limits access to files and infrastructure, allowing multiple people with different levels of access to use the same systems. Most importantly, they live outside the computer, safely stored in someone’s head.
What’s not so great about passwords?
Unfortunately, the number of sites and services that require them has made it difficult for passwords to keep pace.
In 2018, password manager, Dashlane reported that the average person had 150 online accounts, each requiring a password. That’s not to mention that many employers require their employees to change their passwords frequently—despite it having little benefit.
Passwords are inherently insecure. They can be stolen, guessed, or brute-forced. But mostly, people just use bad ones.
We can all be guilty of sharing passwords with friends and family. We often use easy-to-remember but easily guessed passwords or recycle passwords among different accounts.
What are the alternatives?
Password managers like Dashlane can track all those various alphanumerics for you and even replace the weak ones. But password management is a half measure when it comes to security. The real challenge is in eliminating them altogether.
The process of replacing passwords is already underway. personal identity providers like Google, offer ways for people to log in to apps and services without having to enter a password.
You’ve probably experienced this for yourself. You go to log in to a site or fire up an app, and instead of being asked to enter a password you get a prompt to enter a six-digit code from your authenticator app, tap a notification on your phone, or click a link sent to your email. Or maybe you just need to raise your phone to your face.
Apple’s facial recognition system has taken biometric login mainstream.
Most notably, Microsoft announced in March 2021 that some of its customers could go completely password-free, and it was then followed up in September by telling people to delete their them altogether. Those other methods of authentication? They’re finally winning.
We’ve never been closer to freeing ourselves from passwords for good, but for now we’re stuck with them. They’re frustrating yet flexible, elegant yet insecure, and they’re probably the best solution for the foreseeable future and most definitely, a necessary evil.