What’s the worst part of using our phones and computers? It’s remembering passwords. To much acclaim, Microsoft Corp. announced that its upcoming version of the Windows 10 S operating system will eliminate passwords. When you set up your computer, you’ll never see an option to enter a password. Instead, you’ll use a smartphone app to verify your credentials.
Apple and others are also working to eliminate or reduce the need for passwords. Take this promise with some skepticism, however, because there have been promises before, yet we are burdened more than ever with passwords.
Dashlane, a company that makes password management software, conducted a survey of its customers and found they have an average of 130 accounts requiring passwords!
Passwords are one of the most despised parts of using our devices and, in spite of what we’re told, they’re easy to break. For most of us, they’re impossible to remember, especially as each site has its own requirements and we have so many of them. The conundrum is that the easier a password is to remember, the less secure it is.
That was brought home recently when the governor of Hawaii forgot the Twitter password that he needed to call off a mistaken warning about an incoming missile attack.
One of the reasons we’re adding passwords faster than ever is that so many products we’re buying need to be connected to the Internet: thermostats, streaming services, routers, doorbells, cameras, appliances, lighting, and much more. And when we finally remember some of our frequently used passwords, we’re forced to create new ones for no good reason.
To make our passwords more manageable, we often try to use the same or similar names across different sites, but that’s putting us more at risk. Once our password is stolen from a less secure account, it’s easier for criminals to use it to get into our other accounts. According to Verizon, 80 percent of all security breaches are caused by insecure passwords.
While biometric indicators have been around for a long time, using a single means of authentication has not always been very accurate or reliable. So Google began testing alternatives that combine multiple weaker indicators into a single identity to confirm who you are. They’re using your typing patterns, the way you swipe the screen, voice patterns, the shape of your face, or a thumbprint. But after a promising announcement two years ago, there’s been little to show for the effort.
Apple seems to have made the most inroads with its facial identity hardware and software systems developed for the iPhone X. It’s proven to be very reliable and nearly impossible to fool because it measures depth. It’s expected to be added to Apple’s next generation of iPads.
For now, the best defense against your password being stolen is to use double authentication. When you sign in to, for example, a Google account, after you enter your password you’re sent another password on your phone that you need to enter. While this makes it difficult for your account to be compromised, it also adds more complications when you add new apps that need to access your Google account.
And in case you’re wondering, here are the top 25 most common passwords as reported by the Daily Telegraph. These are passwords you definitely do not want to use.