The long goodbye to passwords
First of all, if what's written above is your password, you need to change it now. I'll wait. Okay, good, now for the rest of the article. Why Passwords Don't Work It's not much of a secret that passwords are not a very good way to secure information. The real problem is when companies try to make users utilize more secure passwords, they end up making the whole system less secure. Does that seem counterintuitive? Here's a scenario. A company wants to make their corporate systems more secure. They decide that the passwords their employees are using are not secure enough, so they institute rules for passwords, which include: Must be 8 characters or longer Must include a lowercase letter Must include an uppercase letter Must include a number Must include a non-letter/number character Must not be the same as the previous password used Must not be the same as the username, or contain the username You've probably run across these rules before. You may not have seen all of them, but you've probably seen most of them, and probably many of them with a single system. In theory, these are all good rules. Where they lead to a less…