Friday, April 17, 2015

Passwords and Absurdity


InformationWeek last week offered up several alternatives to our traditional passwords. My first inclination, as it is with any reference to passwords, is to think of my favorite XKCD comic (above), regarding password strength and "correcthorsebatterystaple" - a password I still think would be entertaining to use in some inconsequential website requiring credentials.

Still, the concept is valid, and we may attribute the XKCD strip above with sponsoring adaptations to cryptography and password-cracking applications so that now they do test four- or six-word combinations as well as the typical computer guessing, but from a mathematics perspective, I am not sure that four actual random words would be likely a focus of a target.

Regardless of actual password strength, the real thought-provoking piece here is the subtext comedy. We, as humans, are incredibly great at determining things that are difficult for us to do, and then requiring us to do it. Passwords that expire every month. Passwords that have different requirements on each different site you sign up for (was that a capital G or g? or was it just a 6? Did I need one uppercase, one lowercase, and a number? or was that one lowercase and uppercase with a separate special character thrown in?) and the more you use the same password on different sites the more risk you place on a single hacker breach (by gaining access to your kids' soccer team password, or your Facebook password, a hacker might now have your email address and Google password, Amazon password, or bank password).

Other things that are incredibly complex to do but we still do? Pay taxes. Elect officials. In some cases, work.

So the better question is - What's an overly complex activity that you can streamline and simplify? If you answered work to the first question, I bet you can answer that for the second.