Sign In

Communications of the ACM

ACM TechNews

Despite Data Thefts, the Password Endures

View as: Print Mobile App Share:
A typical login scenario requires a username and password.

Efforts to replace passwords with better protections will not be easy.


Although passwords are derided by some security experts as being an insufficient security measure, efforts to replace passwords with better protections face an uphill climb.

"It's become kind of a nightmare," says 1990 ACM A.M. Turing Award recipient Fernando Corbato, who helped develop the first computer password while at the Massachusetts Institute of Technology in the early 1960s. "I don't think anybody can possibly remember all the passwords."

However, researchers say replacing passwords with security measures such as biometrics and USB keys would require competing technology companies to work together to develop standards.

In addition, Internet users may be hesitant to give up using passwords in favor of more secure options. Passwords also are inexpensive to use and are already deeply engrained in the design of many websites.

Nevertheless, efforts are underway at some companies to move away from using passwords. For example, PayPal, Bank of America, and Google are among the companies that have formed the Fido Alliance, which has released a set of standards for security measures that could replace passwords with other types of online identification measures.

Meanwhile, the National Strategy for Trusted Identities in Cyberspace, a task force created by President Barack Obama in 2011 to bolster online security, also is working to develop alternatives to passwords.

From The Wall Street Journal
View Full Article - May Require Free Registration


Abstracts Copyright © 2014 Information Inc., Bethesda, Maryland, USA


No entries found