Will Everyone Please Quit Bitching About Passwords?


The Wall Street Journal has yet another article today telling us how terrible it is that we’re all still using passwords:

“Passwords are awful and need to be shot,” says Jeremy Grant, head of the National Strategy for Trusted Identities in Cyberspace, a task force created by President Barack Obama in 2011 to bolster online security.

Despite all their flaws, passwords are so ubiquitous, cheap to use and entrenched in the architecture of websites and the rhythm of human behavior that efforts to supplant them have barely budged. “It’s the only piece of technology from 50 years ago we’re still using today,” says Brett McDowell, a senior Internet security adviser at eBay’s PayPal unit.

First things first: McDowell is wrong. We still use keyboards. We use monitors. We use hard drives. We use integrated circuits. Now, you might argue that we use way better versions of those things (except for keyboards, which inexplicably keep getting worse), whereas passwords are mostly just as primitive as they were in 1964. But that’s as far as you can plausibly go.

Anyway. Why do we still use passwords? Answer: for the same reason front doors still use simple locks. They may provide weak security, but they do provide some security, and they’re the only solution that’s both cheap and universal. So if you think it’s scandalous that we’re still using passwords 50 years after they were invented, then prepare to be even more scandalized by front-door locks. That technology is centuries old!

And then prepare to be even more scandalized, because none of the proposed replacements for passwords (fingerprint scanners, gesture identification, face detection, etc.) are either cheap or ubiquitous, and they’re not going to be anytime soon. No matter what your preferred solution is, it needs to become a standard and then get rolled out on every computer in existence. Please note: Not every PC. Every computer. Not every American computer. Every computer in the world.

So quit moaning about all this ancient technology. Passwords are going to be around for a while, no matter what the security gods of Silicon Valley would prefer. In the meantime, if you’re a user, use strong passwords. If you’re a corporation, encrypt your hash databases. If you’re a technology guru, put away the retinal scanners and alpha wave detectors and figure out a clever way to make passwords more secure. Passwords may be here to stay for a while, but they don’t have to be the Achilles’ heel of the entire internet.

$500,000 MATCHING GIFT

In 2014, before Donald Trump announced his run for president, we knew we had to do something different to address the fundamental challenge facing journalism: how hard-hitting reporting that can hold the powerful accountable can survive as the bottom falls out of the news business.

Being a nonprofit, we started planning The Moment for Mother Jones: A special campaign to raise $25 million for key investments to make Mother Jones the strongest watchdog it can be. Five years later, readers have stepped up and contributed an astonishing $23 million in gifts and future pledges. This is an incredible statement from the Mother Jones community in the face of the huge threats—both economic and political—against the free press.

Read more about The Moment and see what we've been able to accomplish thanks to readers' incredible generosity so far, and please join them today. Your gift will be matched dollar for dollar, up to $500,000 total, during this critical moment for journalism.

We Recommend

Latest

Sign up for our newsletters

Subscribe and we'll send Mother Jones straight to your inbox.

Get our award-winning magazine

Save big on a full year of investigations, ideas, and insights.

Subscribe

Support our journalism

Help Mother Jones' reporters dig deep with a tax-deductible donation.

Donate

We have a new comment system! We are now using Coral, from Vox Media, for comments on all new articles. We'd love your feedback.