![]() ![]() The only chance you have of making it work is to outsource the “creating and remembering” part you’re really bad at to a computer, in the form of some password management software. In an environment where users must now remember about 100 passwords each, it is impossible to use passwords well without assistance. Its success hinges on humans being good at something humans are really bad at: Creating and remembering long strings of random characters. The first is that password authentication is a terrible design. The existence of World Password Day is a symptom of two problems. Fail at authentication and it doesn’t matter how “military-grade” your encryption is or if you patch twice a day before flossing, you’re toast. It is the bedrock on which security is built. There is no annual “how to avoid nuclear meltdown” day.Īnd make no mistake, password authentication is critical technology. ![]() Critical technology should not require an annual pep talk to function correctly. Now in its tenth year, the day is supposed to act as an annual reminder for people to follow good password hygiene: Don’t reuse passwords use long passwords no, longer passwords than that use a collection of random words no, not those words use a phrase use a collection of phrases don’t forget the weird characters etc., etc. The continued existence of World Password Day is a tell that something has gone badly wrong in cybersecurity. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |