Rethinking Passwords

I am not optimistic that these changes will happen rapidly, or even at all. There is a huge installed base out there. 'We do the same thing as everybody else' is an effective legal defense against malfeasance, so why change things? (I hate the word legacy!) Authentication systems are vital, and changes to them can produce widespread and embarrassing failures. It is not clear that easier authentication would provide a market advantage. Is a company less secure than another company because it is easier to log into? Will it gain market share by doing so? In spite of all this, the system seems to be working. We are leaking military and industrial secrets to attackers all over the world, but millions of people use the Internet successfully every day, and it is an important part of the world's economy. Somehow, we get by. Finally, I would like to see these systems engineered such that the user needs to remember only one security maxim: Don't be a moron. Do not pick a password that someone who knows you can guess in a few tries, or that someone watching you type can figure out easily. Unlike the eye-of-newt password rules, this last rule makes sense to the casual user and is easy to remember. All we have to do is engineer the rest to be reasonably secure. © 2013 ACM.