IT Lecture Notes by Mark Kelly, McKinnon Secondary College
Last changed: December 5, 2002 6:30 PM


Passwords

Also see: Biometric identification

Passwords are far from secure. If forgotten, a legitimate user can be locked out of valuable data. If discovered by an illegitimate user, the data is open to damage or theft.

Passwords are vulnerable because they are so easily forgotten: these days each of us needs dozens of them, for ATMs, networks, ISPs, operating systems, websites, FTP sites and chat rooms. It's all too tempting to use the same password for everything, but if someone discovers the password for one, they have access to all.

Passwords are weak because they only prove a user knows the password: they do not prove the user is who they claim to be.

Biometric devices, on the other hand, prove the identity of the user based on measurements of the user's unique attributes (fingerprints, retinal patterns etc).

Passwords have built-in security problems:

  • they can be stolen or guessed (many people use obvious passwords like first names, phone numbers etc)
  • "brute force" attacks (strictly, dictionary attacks) can try every word in an electronic dictionary until one eventually matches
  • to avoid forgetting passwords, too many people write them down and stick them somewhere obvious
  • after using your password to get access, intruders can change the password to lock you out!

Good passwords:

  • must not be too short (otherwise brute-force guessing will soon open them)
  • should not be words found in a dictionary (hacking programs can use dictionaries to try each real word in turn until they get access)
  • should be a mixture of uppercase letters, lowercase letters and digits
  • should not be easily guessable by people who know you (first names, birthdates, children's names, pets' names etc)
  • should not be so hard to remember that you have to write them down
  • should not be written down - and especially not written down and stuck to the monitor!
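The rules above, as an added example (not part of the original notes), turned into a small checker: it reports which rules a candidate password breaks and estimates how long brute-force guessing would take. The tiny DICTIONARY, the personal_info list and the guess rate of one million per second are constructed assumptions, not figures from the notes.

```python
import string

# Constructed stand-in for the "electronic dictionary" a cracking program
# works through word by word; a real one holds hundreds of thousands of words.
DICTIONARY = {"password", "secret", "letmein", "welcome", "dragon", "monkey"}

def keyspace(password: str) -> int:
    """Number of candidates a brute-force attack must try to be sure of
    covering a password of this length built from these character classes."""
    alphabet = 0
    if any(c.islower() for c in password):
        alphabet += 26
    if any(c.isupper() for c in password):
        alphabet += 26
    if any(c.isdigit() for c in password):
        alphabet += 10
    if any(c in string.punctuation for c in password):
        alphabet += len(string.punctuation)
    return alphabet ** len(password)

def check_password(password: str, personal_info=(), min_length: int = 8) -> list:
    """Return the rules from the notes that the password breaks; [] means it
    passes. personal_info is what people who know the user could guess
    (first names, birth years, pets' names), supplied by the caller."""
    problems = []
    lowered = password.lower()
    if len(password) < min_length:
        problems.append("too short")
    # A dictionary word, even with digits tacked on the end, falls to a
    # dictionary attack long before brute force is needed.
    if lowered.rstrip(string.digits) in DICTIONARY:
        problems.append("dictionary word")
    if not (any(c.islower() for c in password) and any(c.isupper() for c in password)
            and any(c.isdigit() for c in password)):
        problems.append("not a mix of uppercase, lowercase and digits")
    if any(info.lower() in lowered for info in personal_info if info):
        problems.append("contains personal information")
    return problems

def years_to_brute_force(password: str, guesses_per_second: float = 1e6) -> float:
    """Expected time in years for brute-force guessing at the assumed rate:
    on average half the keyspace is searched before the match is found."""
    seconds = keyspace(password) / 2 / guesses_per_second
    return seconds / (365 * 24 * 3600)

if __name__ == "__main__":
    for pw in ["fluffy", "Password1", "Rex1985xx", "k9!Tr4vel-Mug"]:
        print(pw, check_password(pw, personal_info=["Rex", "1985"]),
              f"{years_to_brute_force(pw):.2e} years")
```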

Alternatives to passwords:

- secret personal information: rather than remembering an arbitrary word, users are asked to provide information that no one else would know, e.g. your mother's maiden name (her surname before marriage). No one else is likely to know it, and you aren't likely to forget it. Banks and similar organisations often use this method for occasional authentication, e.g. when you ring up and they need to confirm it is in fact you.

- challenge questions: instead of a password, you provide questions and answers. e.g. You want a video shop account. They ask you to provide 3 questions and answers. You say:
1. What was my first cat's name?
2. What year did I break my leg?
3. Why did I break up with my second girlfriend?

[Screenshot from a Yahoo service signup screen; image not included in these notes]

Later, when identification is needed, the video shop can pick one of your questions at random, ask you the question and see if your answer matches the recorded answer. An impostor would need an incredible knowledge of you to successfully fake being you.

And Telstra Bigpond changed its mind about identity verification in 2001:

"Have you noticed how each time you call the Customer Support Centre you're asked for your credit card number to verify that you are who you say you are? Due to your feedback, we have dispensed with asking for your credit card details and have embraced the concept of a Secret Question and Answer.
The way it works is you nominate a secret question to which only you have the answer. When you call the Customer Support Centre you will be asked this Secret Question rather than your credit card details for verification purposes. It's as simple as that. Nominate a Secret Question and Answer today!"

It doesn't take too much intuition to work out what sort of angry and worried "feedback" they were getting that prompted this change!

© Mark Kelly 2001