15.02.2021

Passwords are Dead – Why?

If you work in IT, you’ve heard “Passwords are Dead” for years. While that may be so, they are still very much alive and well. But before I jump in, why have so many experts declared passwords to be dead? The short answer: because we don’t know how to use them properly.

The concept of passwords, aka ‘something you know’, is still valid and useful. Passwords, like debit or credit card PINs, are something you know and continue to be a good strategy to protect your secrets. However, the strategy fails when the chosen password or PIN is so weak, common or predictable that others can easily figure it out in a relatively short period of time. The problem is not passwords, but the humans choosing those passwords.

Passwords fail because humans:

  • Choose weak passwords
  • Choose common passwords
  • Reuse passwords
  • Share passwords
  • Choose convenient passwords

I could go on and on, but you get the point. How do we break the cycle?

In my view, education is key, but education will only get you so far. Secondly, we need tools to help us make passwords easy, convenient and transparent: tools like 1Password, LastPass, KeePass or similar password managers.

We have to educate ourselves on why choosing smart passwords is important. But we also have to provide tools to make passwords transparent. Password managers are the best way to do that. A good password manager can help eliminate all of the above problems. I have been using a password manager for a very long time. In fact, I have a randomly generated password for everything I do online. Best of all, I don’t know any of these passwords. I don’t have to, because the password manager does all the hard work for me. Passwords are transparent, easy, convenient and, most of all, secure. I’ll discuss password managers and how they work in a future post.

See ya out there.

 

 

Why Do You Need Managed Security Services?

Most networks are compromised as a result of the most common, textbook vulnerabilities. These are not sophisticated hacks requiring deep infiltration or complex exploit code. Most are exploited through “low-hanging fruit” like:

  • Passwords
  • Legacy protocols
  • Lack of security policies
