Usernames and passwords. It’s the price of being online. It’s our key into many websites. We have been using them or decades. Or maybe we’ve been a slave to them. Having to come up with new passwords all the time is a pain. Usernames are a shit fight too. And it’s not getting easier.
In the next two weeks we are going to look at them both – passwords and usernames.
The News of the World controversy came down to passwords. In all the furore over the “hacking” of people’s voicemail, the fall of am empire and the tabloid juice, an under reported question has been – HOW did these people get into voicemails.
Turns out it was the easiest thing in the world – so easy even Paris Hilton worked it out once. Turns out UK phone carriers give you a default voicemail passcode. It’s quite a bit of hoop jumping to change it. Faking your caller ID, trying the default password and bam! You’re in.
Passwords are important, but they are a pain. Technology should make life easier, yet password tech gets more complicated. There’s a tension there. We want to be lazier with our passwords. But we are asked to he more devout than ever.
Whats going to win? The fight for easier acces? Or tougher privacy.
What I wish for is a say. Some simple band forums ask for difficult passwords that are beyond what that site needs. It seems every few years security gets tougher and tougher. The standard these days seems to be more than 8 characters and throw in some numbers.
OK, some sane password practises are good. Don’t use the same password everywhere, for one. But not all sites are equal and not all sites need an insane password combination. Especially when you’re asked to sign up to something.
Facebook are trying to solve this with their “connect” technology. If a site allows, you can just use your Facebook profile to log into other sites. But Facebook is a scary key – I would say Facebook needs a level one password.
So what we need is level two passwords. And a company that makes them. And if that security is breached, then that guy can see my Bob Dylan forum posts, and maybe sign me up to get some more news from my local cinema. And make it work like Facebook Connect – tie it to my browser, and I can easily hop through simple sites that need simple protection.
And then maybe I need a work key. Internal intranets. Mailing list programs. Any array of sites. I have my Apple ID, my Google ID, my Facebook, my work one….seems like a lot. But imagine a window that pops up when you need a password and you can choose which “key” you used. Some saved in your browser – some not.
You wouldn’t have one key for everything in your life. But you wouldn’t be happy to have 100 of them either.
But we are not even having these conversations because hackers are getting better at what they do. Who knows what they can do with my Bob Dylan forum password? It’s fucking annoying, and hackers are cunts. And it seems it’s better to be safe than sorry.
And how scary is it that most operating systems saves your passwords? A stolen computer could destroy every aspect of your life. I am pretty happy my bank does all sorts of crazy things before I can get in.
And it seems passwords are an arms race. They get harder and more complex, and hackers get better at cracking them. There is such minimal work done in shutting down hackers (and spammers) that I don’t see this arms race stopping.
Then there is going beyond passwords.
Retina scanning and all that seems to be the stuff of sci fi, but it might be getting closer than we think. But the question is this – what can we use other than passwords to show the internet that we are really us?
There’s talk of all sorts of scanning. Your touch screen technology on your phone, your camera on your computer could all come into play. Facial recognition software has advanced plenty in the last few years. It’s still a while off, but there is certainly talk of it.
It’s a recurring theme in these columns. If something isn’t working it will be replaced. And I don’t know a single person who thinks passwords work for the internet. Something has to change.
I don’t want to be hacked. No one does. But I have literally hundreds of passwords in my life, due to the fact I have set up accounts for many people. And more often than not, I’m clicking on that little link that says “forgot your password?”.
Lets make it easier for people. If only one step. And not lose security. Surely we are smart enough to do that. A level two password technology that can get me into simple things.
Because technology is supposed to make our lives better, and that better life seems to be locked away. And I’m still waiting for that email to come through to remind me of my password.