Password security

Thou shalt not pass… word

Strong passwords? Forget about them, says Billy MacInnes
Blogs
Image: IDGNS

6 May 2021

Did you know that today (6 May 2021) is World Password Day? Despite the fact that passwords have been around for a very very long time, World Password Day is not very old at all, only coming into being in 2013. And it doesn’t occur on a fixed date but on a fixed day, namely the first Thursday in May.

The intention behind World Password Day is, not surprisingly, to raise awareness of the importance of passwords.

What we tend to forget is that although passwords have been around for a long long time, for most of that time only a few people ever used them. Usually, they were associated with sentries at the gates of castles, spies and espionage or clandestine meetings of revolutionaries. You get the picture.

Nowadays, passwords are something that everybody uses and has to use. Not only are they endemic, we now also have to use them multiple times a day across a wide range of websites and applications. And there are a lot of them. If you wanted to compare it to previous times, it would be like making everybody go to castles, meet with spies and attend clandestine meetings with revolutionaries several times every day.

Despite the proliferation of passwords and their near ubiquitous use, some of the problems associated with them are still more or less the same as those highlighted in a short scene in the Marx Brothers 1932 film Horse Feathers.

At the beginning of the scene, Chico is working in a speakeasy and the man guarding the door tells him to take over for a short while.

Man: “Don’t let anyone in without the password.”
Chico: What’s the password?
Man: “Swordfish” is the password, do you understand?
Chico: Ok, I got it.
Man: What is it?
Chico: Password.

Yes, “the password is ‘password’,” really is that old.

A little later in the scene, Groucho knocks on the door and Chico answers.

Chico: You can’t come in unless you give the password.
Groucho: What is the password?
Chico: You can’t come in here unless you say “swordfish”. Now I give you one more guess.
Groucho: I think I got it, is it “swordfish”?
Chico: That’s it, you guess it.

Groucho goes in and Chico comes out.

Chico, realising he’s been locked out, knocks on the door.

Groucho: What’s the password?
Chico: You don’t fool me, “swordfish”.
Groucho: I got tired of that and I changed it
Chico: What’s the password now?
Groucho: Gee, I forgot it, I better come outside with you.

He comes out and the door closes behind him. They are both locked out, banging on the door.

Demonstrating, all too clearly, that changing your password and then forgetting what you changed it to is another very old but common human failing.

No wonder password managers are becoming popular as a means to generate passwords nowadays. Why not let software create our passwords – and remember them for us too? They may not be immune to security flaws but they are far more secure than we are when it comes to creating passwords. And keeping them safe.

It seems bizarre though if one of the strongest consequences of better password management is that it’s better not to know the answer when someone asks, “What’s the password?”

It’s a fair assumption that it’s probably not ‘swordfish’.

But does that mean, at some point, world password day will become something only password managers commemorate?

Read More:


Back to Top ↑

TechCentral.ie