We should stop using passwords for Online Security

These days, the typical internet user needs to remember a whole list of passwords. The temptation to duplicate them is strong. Passwords can be easy to forget, easy to guess, and easy to steal. Every online service needs to have a password reset procedure because it’s so common to lose one of the many passwords you need to remember for all the different websites you go to.

Better alternatives are OpenIDand one-time keys. Openid allows you to use one login across sites, which solves the problem of having too many passwords to remember, and potentially allows new login technology to be implemented as it becomes availible.

One-time keys are nice, because even if you get tricked by a fake login form, or a keylogger, or something, the attacker won’t be able to use the key you gave them. Examples of this technology are yubikey and google authenticator.

I know that password managers elminate some of the problems with passwords, but it would be better if we had a similar solution for one-time keys.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.