Will Everyone Please Quit Bitching About Passwords?


The Wall Street Journal has yet another article today telling us how terrible it is that we’re all still using passwords:

“Passwords are awful and need to be shot,” says Jeremy Grant, head of the National Strategy for Trusted Identities in Cyberspace, a task force created by President Barack Obama in 2011 to bolster online security.

Despite all their flaws, passwords are so ubiquitous, cheap to use and entrenched in the architecture of websites and the rhythm of human behavior that efforts to supplant them have barely budged. “It’s the only piece of technology from 50 years ago we’re still using today,” says Brett McDowell, a senior Internet security adviser at eBay’s PayPal unit.

First things first: McDowell is wrong. We still use keyboards. We use monitors. We use hard drives. We use integrated circuits. Now, you might argue that we use way better versions of those things (except for keyboards, which inexplicably keep getting worse), whereas passwords are mostly just as primitive as they were in 1964. But that’s as far as you can plausibly go.

Anyway. Why do we still use passwords? Answer: for the same reason front doors still use simple locks. They may provide weak security, but they do provide some security, and they’re the only solution that’s both cheap and universal. So if you think it’s scandalous that we’re still using passwords 50 years after they were invented, then prepare to be even more scandalized by front-door locks. That technology is centuries old!

And then prepare to be even more scandalized, because none of the proposed replacements for passwords (fingerprint scanners, gesture identification, face detection, etc.) are either cheap or ubiquitous, and they’re not going to be anytime soon. No matter what your preferred solution is, it needs to become a standard and then get rolled out on every computer in existence. Please note: Not every PC. Every computer. Not every American computer. Every computer in the world.

So quit moaning about all this ancient technology. Passwords are going to be around for a while, no matter what the security gods of Silicon Valley would prefer. In the meantime, if you’re a user, use strong passwords. If you’re a corporation, encrypt your hash databases. If you’re a technology guru, put away the retinal scanners and alpha wave detectors and figure out a clever way to make passwords more secure. Passwords may be here to stay for a while, but they don’t have to be the Achilles’ heel of the entire internet.

FACT:

Mother Jones was founded as a nonprofit in 1976 because we knew corporations and the wealthy wouldn't fund the type of hard-hitting journalism we set out to do.

Today, reader support makes up about two-thirds of our budget, allows us to dig deep on stories that matter, and lets us keep our reporting free for everyone. If you value what you get from Mother Jones, please join us with a tax-deductible donation today so we can keep on doing the type of journalism 2020 demands.

payment methods

FACT:

Mother Jones was founded as a nonprofit in 1976 because we knew corporations and the wealthy wouldn't fund the type of hard-hitting journalism we set out to do.

Today, reader support makes up about two-thirds of our budget, allows us to dig deep on stories that matter, and lets us keep our reporting free for everyone. If you value what you get from Mother Jones, please join us with a tax-deductible donation today so we can keep on doing the type of journalism 2020 demands.

payment methods

We Recommend

Latest

Sign up for our free newsletter

Subscribe to the Mother Jones Daily to have our top stories delivered directly to your inbox.

Get our award-winning magazine

Save big on a full year of investigations, ideas, and insights.

Subscribe

Support our journalism

Help Mother Jones' reporters dig deep with a tax-deductible donation.

Donate