March 2005
The Password Is Fayleyure
Today’s password schemes are unworkable and offer little security for users.
By Michael Schrage
Under Review: Password selection for Yahoo! Mail etc.
PokeKey1…ou812$…twasbri11ig!. All were favorite passwords of mine long ago. The first is the name of the puppy I briefly had as a child. The second was shamelessly lifted from a Van Halen album cover. The third, you’ll recall, opens Jabberwocky. I must have typed each one hundreds of times.
Looking back, I feel like an idiot for believing my wittily “unguessable” passwords enhanced my security in any meaningful way. Password protection is pervasive, annoying, inconvenient, and does little to deter anyone intent on doing harm. But you can’t gain legitimate access to many services without it.
There is growing consensus that strong authentication is needed since relying just on passwords isn’t meeting requirements.