The Death of the Password
Are passwords outdated? It's starting to seem like it.
Everybody hates them, and nobody can remember
all the ones they've created.
These days a typical netizen has dozens of online accounts.
If you really want to be safe,
you need to have a different password for each one,
and each password needs to be incredibly complicated,
with a mix of capital letters, symbols, and numbers.
Who can keep all that stuff in their head?
Most people don't bother. Some just make up one password
and use it everywhere. Others might have
a few passwords-one for all their banking
and financial stuff, one for their social networks,
one for email. Problem is that
if one site gets attacked by hackers,
they now have the password that you use elsewhere.
These hacks are happening so frequently
these days that you might as well assume
there is no way to keep a password secret.
In one recent attack on Sony,
millions of accounts were exposed.
Computer scientists realize the system is broken,
and they're looking for alternatives.
But most attempts haven't been very good.
Fingerprint readers require special hardware,
and a lot of people find them creepy
and don't want to use them. Smart cards
and tokens can be lost or stolen.
We've tried all sorts of other approaches,
but we end up back with passwords.
They're the least worst in a series of bad options,"
says Rich Mogull, CEO of Securosis,
a security consultancy.
Markus Jakobsson, a veteran security researcher
with a Ph.d. in computer science,
has come up with something he calls "fastwords."
Instead of inventing an obscure password,
you join three simple words
that come from a thought known only to you.
If one day you were driving to work
and ran over a frog that ended up flat,
you might choose "frog work flat."
Some advantages: You can enter the three words
in any order ("flat frog work"),
and the system still knows that you're you.
If you totally blank, the fastword system
will tell you one of the three words,
which should enable you to remember
the original thought and thus the three keywords.
Jakobsson says one large service provider
is evaluating the fastwords concept.