Security from A to Z: Passwords

The debate oscillates between telling people to be creative to telling them to write passwords down. Part of a series on hot security topics.

Passwords cause problems.

For the IT department, password management is a headache, with many hours devoted to carrying out password resets for forgetful users. There's also the plain old human laziness of using the same password for a range of logins, or even using "password" as a password. Passwords are only as good as their all-too-human owners, and even then a hacker using a keylogger, say, can make off with their secret.

In business, the debate about how to encourage password best practice oscillates between teaching users to be "creative" in making passwords that are adequately complex, to telling users to write down passwords somewhere secure. People are also told to use password management software, so they don't resort to choosing easy words or using the same password for several logins.

But it's a losing battle, some experts say.

In May, Gartner analyst Jay Heiser said passwords are "fatally flawed" and can't stand up to "motivated attackers". The drive to develop new ways of authenticating users, such as two-factor authentication or human biometrics, is in part fuelled by awareness of the weakness of systems built on crackable password security.

Some have predicted that passwords will be replaced with biometrics or other technology in the long term. Just how far away that day is remains to be seen.

Natasha Lomas reported for Silicon.com in London.

Featured Video
6
This content is rated TV-MA, and is for viewers 18 years or older. Are you of age?
Sorry, you are not old enough to view this content.

Metal Gear Solid V gets a perfect 10

Jeff Bakalar talks with GameSpot's Peter Brown about his perfect 10 review score of Metal Gear Solid V: The Phantom Pain.

by Jeff Bakalar