Or, YAA On YAAS. The site msnbc.com is carrying another article on futuristic password killer initiatives by the military. Passwords are, of course, of great interest to those dealing with data encryption (such as yours truly, at AlertBoot) since they’re usually the points of failure when it comes to information security.
And, yet, one wonders whether passwords can really be killed. It appears to me that it’s not a matter of developing “better” ways of authenticating people.
Same Old Story, New Solutions, Same Old Results
As msnbc.com notes, “today’s world requires countless passwords,” and goes on to note that
the U.S. military wants to eliminate clunky passwords by creating a security system that actively recognizes individuals based on computer keystrokes, language patterns or even typing speed….focus[ing] on the behavior of each individual reflects an interest in each person’s “cognitive fingerprint” left behind by how the mind processes information.
There is nothing new about such initiatives. In my brief time at AlertBoot, I’ve covered:
I’m probably missing quite a number of other developments that have been floated and shelved over the years. It doesn’t matter what form it takes, it’s always those passwords that end up being used by most organizations when it comes to authenticating people, sometimes exclusively.
Even with solutions that offer something other than passwords for authentication (including encryption software, which provides physical tokens for identification), passwords are always there, either as part of a two-factor authentication scheme or as a backup in case the user loses the token.
Passwords are Problematic
Passwords, though, pose many problems.
First, passwords can be weak. As forbes.com notes in this article, users don’t necessarily choose strong passwords to begin with.
Second, passwords can be shared. When something can be so easily shared, it’s problematic as an authentication scheme. Plus, it cannot be easily “unshared.” For example, if the CEO gives her secretary the password to her computer because of an emergency, how do you wipe it from the secretary’s brain after the one time? You can’t, the password has to be changed. (Anyone manufacture those MIB neuralyzers, yet?)
Third, passwords can be hard to memorize. An issue that is meant to counter the first point, administrators can force users to create password that are too complex to memorize. This is not a problem per se, but leads to….
Fourth, password resets can be expensive or be another point of weakness. Resetting passwords is, despite its simplicity, kind of expensive. One can’t just reset a password for anyone — you’ve got to be able to determine that people are who they claim to be. This involves expenditures, such as hiring people or services for the express purpose of helping people with their password issues, or using self-service password resets that pose its own problems.
Microsoft recently published a paper on the “resilience of passwords,” and how, despite professionals having predicted its demise for decades, it’s still going strong — and will do so for the foreseeable future.
The Power of Free?
A number of words popped out at me during a brief and quick skim of the Microsoft paper: “Mis-aligned incentives can cause desirable solutions to fail.” I’ll go over the paper this week, but it seems to me that this is probably one of the main reasons why passwords have prevailed despite their shortcomings.
Think about it. Passwords aren’t a physical entity, so:
It costs nothing to generate them
There are no transportation/delivery costs
Sending and generating a replacement costs much less than physical delivery
Users can’t “forget” to bring it
I realize #3 and #4 above appear contradictory to what I wrote before. Think of it in the following manner:
For #3, if an organization decides to go with the “butt verification” system, passwords are never sent anywhere. One assumes that telecommuting is not really an option: you’ll have to move your buns to where the computers are. No passwords to lose, no passwords to generate. The costs associated with the loss of passwords are nil.
However, if some other method of verification is used over passwords, such as tokens, then the costs associated with replacing them are formidable over those of generating and delivering a new password. Both require that one somehow confirm that the intended are the recipients, but password generation doesn’t involve physical delivery. So, there are options that can be cheaper or dearer than replacing passwords.
For #4, a user could forget a password, just like one can forget their tokens back at home. But, this reflects the limitation of the English language. A token can be “forgotten” in various ways: it can be forgotten (left behind at home), it can be misplaced (don’t know where I left it, although I’m sure it’s at home), or it can be stolen by force.
Passwords can be forgotten, but can’t be misplaced. They can be stolen, but so can tokens. In a sense, passwords have a leg up on tokens.
Anyhow, this post is not meant to be an all-comprehensive monograph on the subject. I’m just trying to point is that, as long as passwords remain the cheapest alternative — in monetary terms — they’re going to be around for a very long time.
Related Articles and Sites: