Why Are Passwords Bad
A person who read my earlier post “No Password, No Phishing” suggested me to refer to writings on why passwords are bad.
Actually, I have read such writings dozens of times over two decades. Here is one of the latest – “Passwordlessauthentication: The future is here“
I agree that passwords are not secure – they can be lost, stolen and abused. I cannot disagree, either, that physical tokens are not secure – they can be lost, stolen and abused.
What puzzles me is the argument that the password should therefore be killed while the physical token should therefore be promoted. I feel like falling into a Rabbit Hole.
Is it simply due to a logical mistake of mixing up something ‘insufficient’ with something ‘harmful’?
< Key Reference >
* Attempts to compare the vulnerability of a wisely or poorly managed password with that of a poorly or wisely deployed physical token would obviously take us nowhere.
< Videos on YouTube>
< Media Articles Published in 2020 >
Digital Identity – Anything Used Correctly Is Useful https://www.valuewalk.com/2020/05/digital-identity-biometrics-use/
‘Easy-to-Remember’ is one thing ‘Hard-to-Forget’ is another https://www.paymentsjournal.com/easy-to-remember-is-one-thing-hard-to-forget-is-another/
Identity Assurance And Teleworking In Pandemic https://www.informationsecuritybuzz.com/articles/identity-assurance-and