Techdirt Podcast Episode 92: Passwords Suck; What's Next?
from the correct-horse-battery-staple dept
Data breaches that expose passwords are pretty much a fact of life at this point — and the effects are multiplied by the fact that many, many people reuse passwords no matter how much they know they shouldn’t. As such, there’s a big push to move to password managers, two-factor authentication, and even biometrics — because the simple fact is that the password sucks. This week, we’re discussing what if anything will succeed in replacing it.
Follow the Techdirt Podcast on Soundcloud, subscribe via iTunes, or grab the RSS feed. You can also keep up with all the latest episodes right here on Techdirt.
Filed Under: encryption, passwords, podcast, privacy, security
Comments on “Techdirt Podcast Episode 92: Passwords Suck; What's Next?”
No mention of SQRL?
No love for Steve Gibson’s upcoming SQRL password-less authentication?
https://www.grc.com/sqrl/sqrl.htm
Randomness
You seem to indicate the randomness of a (master) password is very important, even going so far as to claim that a non-random passphrase that you choose yourself “can be figured out”, but my understanding is length is far more important than anything else, including randomness. Isn’t it true that a meaningful 60 character phrase that isn’t at all random (but also not a common string like a popular saying or some such) is much harder for a computer to crack than 30 characters of randomly chosen words?
If anyone’s interested, LastPass is very similar to Dashlane from Mike’s description. It also supports fingerprint authentication on Android – don’t know if Dashlane does. One difference is if you want to synchronize between devices with Dashlane it’s $40 a year, but only $12 for LastPass.
Now listen to the podcast and count how many times someone says “like”. 😉
Dashlane ad…