The Password Fallacy: Why Our Security System Is Broken, and How to Fix It

For the few who haven’t yet spotted technology journalist Mat Honan’s story about his unfortunate hacking, here’s the capsule version: What started as an attempt on his Twitter feed via an Amazon account security hole quickly escalated into several wiped devices, a gutted Gmail account, and devastating data loss, both personal and professional. The terrifying tale ended on a cry for users to embrace Google’s two-step verification, which requires a second level of authentication when accessing your Gmail. When James Fallows wrote about his wife’s ordeal with a compromised account last year, he came to the same conclusion.

Sure, adding an extra lock would have spared both a fair amount of trouble, but there’s a much bigger problem at hand. We’re required to take downright ridiculous precautions to maintain our online security, and it’s not sustainable. In fact, it never was. Our password system is broken, and it’s about time we change it.

Let’s take a little tally of where we’ve found ourselves, shall we? Studies show that we log into some 10 sites a day. Places that hold our most important data, like Gmail, Dropbox, and our bank, might ask us to jump through two tiers of password hoops in order for them to ensure our online security. Overall we’re asked to hold keys to 30-40 sites in order to read the news, access our email, or book a haircut. For each of these sites, security analysts recommend using a unique string of 14 characters made up of letters, numbers, and special symbols. But remember: Computers are quick to guess dictionary words, your birth year, and numbers substituted for letters. No repeats allowed. Oh, and whatever you do, don’t write anything down.

Who can possibly remember all those characters?

Read the rest over at The Atlantic.
