On Passwords

In my current project, passwords are a thing of the past. Thank goodness, because they are not very secure. They fail the "front page test": If I make a mistake resulting a disaster that makes the front page of a newspaper, will the reader think "How could someone do something that horrible?" or "How could Ruth be such an idiot?" Or, if it's not about me: Sony. "How could those hackers steal all of that user info for nefarious purposes?" versus "How could Sony not hash their passwords?" If you make your password something easily remembered, like your birthday, and your computer gets hacked, it's "How could you?" If you leave a sticky note with your very complicated password next to your computer and you get hacked, that's also "How could you?" It's a no-win scenario, these days. Sooner or later, your password-protected account will be compromised, and it will, in a way, be your fault. And that's assuming that you've remembered your password. I work with someone who forgets hers eight times a day.

So what's the solution? We're still working on that. There are all sorts of "scans" available now, analyzing fingerprints, retinas, voice, biometrics, and even capillary patterns, which I use in Project: Sol. None of these are currently reliable. If you're in a bad mood now, you'll be really upset when you can't unlock your computer because you don't move your thumb across the print analyzer at the right speed or your voice doesn't sound like it did when you recorded your voiceprint.

Anyway, you won't have to remember your 8-character 1337-speak passwords for long. One way or another, that kind of password is on its way out.

R. E. Stearns