E-mail to Your Friend(s)Print Friendly

War on '123456' (Part I)

A few months ago, the Wall Street Journal interviewed Fernando Corbató, a retired researcher who ran an early computing project at MIT (the Massachusetts Institute of Technology) and helped deploy the first known computer password in the early 1960s. Corbató admitted that passwords have become kind of a nightmare with the World Wide Web. 'I don't think anybody can possibly remember all the passwords that are issued or set up.'

As Internet users frustrated with trying to find a secure password we can remember and that nobody else is able to guess for each of our numerous accounts, we couldn't agree more. Inundated with passwords for myriad Internet and social networking sites, many people simply throw in the towel and opt for something like '123456', which was the most common password of 2013 according to a study based on the lists of passwords that were stolen. It is followed by another no-brainer—'password'. 'Qwerty' and 'iloveyou' are among those that made it to the top 10.

In view of the fact that there seems to be a major breach each month, including the most recent one in which 1.2 billion username and password combinations, along with more than 500 million email addresses were allegedly stolen by Russian hackers, some online service providers add a security feature known as two-factor authentication, which requires users to log in using a password—'something you know' in security lingo—and confirming their identity through a hardware device (or a token)—'something you have'. In addition to your password, you are required to input a code generated by a device when you are using internet banking services. That's two-factor authentication.

Some companies have developed new devices to save users from the trouble of having to read the password on the token and retype it. Google has experimented with different technologies, including a token that can be plugged into a USB port to communicate with the computer to verify your identity, and apps on smartphones and wearable devices such as watches that can send signal to computers to confirm user identity.

Two-factor authentication adds a second layer of security to your computing account. But it's inconvenient. Now some believe that the key lies in your body—'something you are'.


Arrow PrevArrow Next