World Password Day – the 1960s just called and gave you your passwords back

Security

Back in the late 1960s and the start of the 1970s (or so we’ve heard), primary school children in the UK got a special treat.

Unlike their parents and grandparents before them, they were exempted from learning how to do calculations involving money.

Their teachers were no longer expected to show them how to do the confusing and needlessly complex sums required when working with the UK’s “old money”, even though it was still the official currency.

Widely referred to as LSD, short for the old Latin words librum, solidus and denarius, the units of Pounds, Shillings and Pence (itself an archaic alternative form of the word pennies) made up the strange monetary system of the day.

There were twelve pence in a shilling, and 20 shillings in a pound, so even simple shopping tasks in Britain used to require familiarity with decimal, duodecimal and vigesimal numbers, or base 10, base 12 and base 20 respectively.

Also, the coins not only had a mishmash of historical names, including florins, half-crowns and thr’p’ny bits, but also a curious array of values: 0.5d, 1d, 3d, 6d, 1 shilling, 2 shillings, 2.5 shillings and 5 shillings.

The reason for this late 1960s pedagogical exemption from learning about LSD was obvious: the “old money” was scheduled for blanket replacement in 1971.

A much simpler decimal currency of 100 pence to the pound was on the way, with a more predicable progression of coins going 0.5p, 1p, 2p, 5p, 10p, 50p. (For some reason, the 20p coin was omitted at first and didn’t come out for a further 11 years; the minuscule 0.5p coin vanished forever in 1984.)

Why bother?

Why bother learning the intricacies of a counting system that had next to no life left in it, and that would ultimately not be missed for a moment even by people who thought it would be a wrench to leave behind?

Well, that’s where some people seem to think we are with passwords right now.

No one likes passwords; everyone is gasping to leave them behind; and the technology marketplace is promising a perfectly passwordless future any time now.

So why bother with World Password Day when we’re soon going to have a great big World Password Bonfire…

… and replace passwords with something else that’s easier and better?

Real soon now

In fairness, it’s OK to assume that passwords are ultimately going to to be replaced, but only if you also remember to ask the important question, “When?”

We suspect, though we’d love to be wrong, that we’ll take delivery of our Permanent Password Replacement Device at the same time that we get the personal jetpacks, the flying cars and the self-ironing shirts that everyone was promised back in the day…

…way back in the day, in fact, when that previous generation in Britain was being promised “new money”.

Britons, of course, did get their decimal currency as planned, but the other technological marvels that were “expected soon” have turned out to be “a few years away yet” ever since.

And that’s why we still support the idea of World Password Day here on Naked Security, because our passwordless future is still largely in the future.

We’re suspect that we’re likely to be stuck with passwords on at least some of our accounts, if not most of them, for several years yet.

So we might as well do the best job we can with the “old money” password technology that we still rely upon today.

The problem with passwords

The problem with passwords is that if they’re hard for criminals to guess, they’re also hard for you to remember.

So, if you’ve fallen into the bad habit of choosing easy passwords, or if you repeat the same password over and over again, switch to using a password manager instead.

Password managers can make up weird and complex passwords automatically, mixing up All S0rts! OF Ch*r@cters, and can remember those passwords securely so you don’t have to.

Also, password managers don’t remember websites by what they look like (something criminals can easily copy), but by matching the exact website name.

Fake web pages, known as “phishing sites” because they try to reel you in like an angler and capture your password, won’t fool your password manager, even if the crooks come up with a website that looks very similar to the real thing.

You might be tricked by a website name containing the digit one (1) instead of the letter I, or the digit four (4) instead of A, but a password manager won’t, so you’re much less likely to put your real password into a fake website by mistake.

Of course, you will need a really strong password for the password manager itself, but you can use a series of words or a passphrase instead of just a single word, as explained in our popular How To Pick A Proper Password video:

If in doubt

As we said above, even though lots of companies claim to be working on technologies to replace passwords completely, we think that passwords will be an unavoidable and necessary part of our everyday digital life for many years yet.

So it’s still worth learning how to pick proper passwords, and how to avoid getting tricked by bogus phishing messages that lure you onto fake login sites to steal your login details.

Remember, not just on World Password Day, but every day: If in doubt, don’t give it out!


Products You May Like

Articles You May Like

The CHRISTMA EXEC network worm – 35 years and counting!
Majority of US Defense Contractors Not Meeting Basic Cybersecurity Requirements
Who’s swimming in South Korean waters? Meet ScarCruft’s Dolphin
‘Black Proxies’ Enable Threat Actors to Conduct Malicious Activity
U.S. Bans Chinese Telecom Equipment and Surveillance Cameras Over National Security Risk

Leave a Reply

Your email address will not be published. Required fields are marked *