• nat_turner_overdrive [he/him]@hexbear.net
    link
    fedilink
    English
    arrow-up
    30
    ·
    11 months ago

    Guy who thinks passwords are outdated, setting a new password for his bank app: Hmm, how about Christmas123!, just like all my other logins so I don’t have to worry about forgetting it!

    • zifnab25 [he/him, any]@hexbear.net
      link
      fedilink
      English
      arrow-up
      10
      ·
      11 months ago

      A fundamental problem with passwords is that you either have a “secure” selection of large, distinct, constantly rotating codes that you have to keep track of on paper/in an app (insecure!) or a single memorable code that - once it is cracked - exposes all affiliated systems (insecure!)

      There’s a serious argument to the effect that a physical id tied to a digitally managed rotating set of large arcane codes is at least as secure as the paper/app-based list of hard codes. The big problem with this technology is that it requires a more complex hardware interface with more attendant IT support. So you’re talking about $$$ that people don’t want to spend for additional technical security.

      Two-factor authentication is cheaper and easier than biometrics. So we’ve settled on that instead.