Expert: Complex passwords aren’t that much better

Many people often forget your passwords when they work after vacation. At this time, they can only go to the password record entered in the browser or their own password book, but some work items that require high confidentiality, the only way to recover the password is to recover the password. But experts say this is just the tip of the iceberg on password-related issues.

The Fido Alliance is an organization that focuses on helping the world reduce its dependence on passwords. They think that it is really difficult for humans to remember a complex string. Fido Alliance executive director, Andrew Shikiar said that it is indeed a “massive usability challenge” for humans to remember multiple complex passwords, and this “challenging” will prompt people to return to the habit of using the easiest to remember or reuse the same password, which increases the risk of password theft.

new encryption technologies splintering

“Linux password file”by Christiaan Colen is licensed under CC BY-SA 2.0

Raluca Budiu, director of the user experience design research and consulting company Nielsen Norman Group, agrees with the sentiment. From a user experience perspective, she said: “The biggest problem with passwords is that people have to remember them.” Have “different” and “more complicated than before” requirements (such as some websites require you to have uppercase letters, special symbols, numbers, or some other number of characters), think of meaningful passwords that are easy to remember are getting harder. Even for big users who can remember the super hard passwords they set, they will still encounter the problem of account theft.

Fido Alliance executive director Andrew Shikiar said that passwords are shared secrets that everyone can read, and the most terrible is that passwords are usually stored on a central server, so hackers can easily steal them, and the theft can be described in a variety of ways.

Jonathan Knudsen, a senior security strategist at Synopsys Software Integrity Group, said: “People overestimate the ability of websites to protect their passwords. This is why it is so important to use unique passwords for every site. If you reuse the same password everywhere, then a password breach at just one poorly-protected site can be catastrophic for you.” LastPass, a well-known password storage software, mentioned in the third annual global password security report that after analyzing data from more than 47,000 organizations, an average employee reuses a password 13 times.

Via: CNBC