Children’s Passwords Managed by Schools

https://theconversation.com/controlling-childrens-passwords-is-a-flagrant-breach-of-their-privacy-141031

A friend of mine brought me to this article. I took this phenomenon as a warning on the difficulty of having children manage their passwords.

Adults often fail to manage their text passwords. It is not hard to imagine what would happen if we force children to manage their text passwords by themselves, especially where they are told to use strong passwords; teachers would be wasting a vast amount of time for the frequent password reset, with much less time left for educating children.

Removing the password and bringing in biometrics would only make the matter worse as discussed here – “Removal of Passwords and Its Security Effect” 

The lesson we should extract from this episode is that children should be offered a non-text password system that they can easily use without teachers' intervention. Our proposition is “Summary and Brief History - Expanded Password System” https://www.linkedin.com/pulse/summary-brief-history-expanded-password-system-hitoshi-kokumai

Body features are no more than body features

Can you be happy to see your external body features declared to be ‘what you are’?

 Quite a few security experts have long asserted that there are three components for identity authentication – ‘What We Remember’ (Secret Credential), ‘What We Have’ (Tokens and Cards) and ‘What We Are (Body Features).

 Feeding a correct secret credential is under our control. So is presenting a correct token or card to some extent. But our body features are just beyond our control. Wouldn’t it be more appropriate to call it ‘What Our Body Features Are’?

 Furthermore, whether the secret credential is correct or not is ‘Yes or No’, in other words, it is deterministic. So are the token and card. But measurements of our body features give us the answer as X% probable and Y% improbable. It has to be inevitably probabilistic due to the inherent nature of body features of living animals that we can by no means put under our control.

 ‘What we remember’ and ‘What we have’, which are both deterministic, can be used together in a security-enhancing ‘two-layer’ deployment, whereas probabilistic ‘what our body features are’ can actually be used with another factor only in a security-lowering ‘two-entrance’ deployment.

 As such we have now come to observe that we actually have two factors of ‘what we remember’ and ‘what we have’ as valid authenticators for identity assurance, with ‘what our body features are’ to be counted in cyberspace as an optional tool to increase convenience at the sacrifice of security.

 It might sound a bit outrageous to the old school who have long taken it for granted that ‘what we are’ is made of our external body features. But we are confident that the public will agree with us at the end of the day.

What makes ‘What We Are’?

 Cognitive science supports the observation that our sense of self is made of our memory, especially a part of our autobiographic memory named episodic memory. This observation of our identity is also supported by a number of philosophers. We can rely on these observations for stating that what makes ‘what we are’ is ‘what we remember’.

 We may be a minority in the domain of cyber security and identity management at present, but it does not affect what is correct and what is wrong.