Are passwords eventually going to go the way of the dinosaurs? Passwords are a relic from a time before hacking was a problem anyone thought of, and as a result they aren't as secure as you think they are. There may be a new way to authenticate users that doesn't involve passwords, which is good because people have password fatigue at this point anyway. What is the future of passwords and what will take their place?
This gave rise to the idea of encrypting passwords. The first method was called "hashing" and it was used to translate passwords into numbers using one-way encryption. The passwords themselves were never stored on the device, and this method, invented in 1974, is still in use today. In 1979 additional characters were added to the encryption and those characters were called "salt", and while it made the encryption stronger it didn't stop passwords from being guessed.
In 1988 the first virus called the Morris Worm began infecting computers and stealing passwords. It was not intended to be harmful but rather was an experiment to see what could happen if something like that were to be released on the internet. It infected one in ten computers within the first 24 hours.
Still today the most common passwords are variants of 123456, easily guessable even without trying to decrypt anything. What's more, people are still reusing old passwords or using the same password on multiple sites, further complicating the ability to protect information accessible online. 91% of people say they know they aren't supposed to reuse passwords and that they know why they aren't supposed to reuse passwords, but 66% say they do it anyway. And why wouldn't they? The average person has 191 passwords, and it's nearly impossible to remember more than about 20.
Secure password managers have given people some relief, but that's just another password to remember. Multifactor authentication is yet another tool in the fight against hacking, but even that is not foolproof.
Passwords just aren't that secure. There are plenty of methods for cracking them, plus hackers know that exploiting human nature and emotions is far easier than trying to brute force an attack. Even if passwords are secure, they are stored on someone else's server and all it takes is a data breach of that company to expose your password, which you might also be using on lots of other sites.
Are passwords really going to be around much longer if they aren't secure at all? Learn more about the history and future of passwords as well as what might come next from the infographic below.
Read next: The Evolution Of Cybersecurity And Data Storage (infographic)
The History Of Passwords
When passwords were invented, hacking didn't exist. No one had any idea that one day businesses and personal lives would be run entirely in cyberspace, giving thieves and bad actors a target. Rather, passwords were invented to meter time on shared mainframe computers. The first password theft was done by someone who just wanted more time, and he accomplished his goal by printing out the file that contained all the usernames and passwords of the people on the shared mainframe. He was then able to log on to use other colleagues' credentials to get the time he needed to do his work.This gave rise to the idea of encrypting passwords. The first method was called "hashing" and it was used to translate passwords into numbers using one-way encryption. The passwords themselves were never stored on the device, and this method, invented in 1974, is still in use today. In 1979 additional characters were added to the encryption and those characters were called "salt", and while it made the encryption stronger it didn't stop passwords from being guessed.
In 1988 the first virus called the Morris Worm began infecting computers and stealing passwords. It was not intended to be harmful but rather was an experiment to see what could happen if something like that were to be released on the internet. It infected one in ten computers within the first 24 hours.
Still today the most common passwords are variants of 123456, easily guessable even without trying to decrypt anything. What's more, people are still reusing old passwords or using the same password on multiple sites, further complicating the ability to protect information accessible online. 91% of people say they know they aren't supposed to reuse passwords and that they know why they aren't supposed to reuse passwords, but 66% say they do it anyway. And why wouldn't they? The average person has 191 passwords, and it's nearly impossible to remember more than about 20.
Secure password managers have given people some relief, but that's just another password to remember. Multifactor authentication is yet another tool in the fight against hacking, but even that is not foolproof.
The Future Beyond Passwords
At some point passwords will become obsolete. There are other ways to authenticate users, and those methods are likely to be significantly stronger than passwords and usernames. Authenticating IP addresses, geolocation, and device security can be one method of authenticating users. Also, using different levels of authentication based on access to information can eliminate the need for passwords.Passwords just aren't that secure. There are plenty of methods for cracking them, plus hackers know that exploiting human nature and emotions is far easier than trying to brute force an attack. Even if passwords are secure, they are stored on someone else's server and all it takes is a data breach of that company to expose your password, which you might also be using on lots of other sites.
Are passwords really going to be around much longer if they aren't secure at all? Learn more about the history and future of passwords as well as what might come next from the infographic below.
Read next: The Evolution Of Cybersecurity And Data Storage (infographic)