[Cryptography] Passwords: Perfect, except for being Flawed

Rob Meijer pibara at gmail.com
Thu Feb 19 14:38:07 EST 2015


2015-02-17 22:42 GMT+01:00 Kent Borg <kentborg at borg.org>:

> On NPR this morning I heard a nice mangling of the old Churchill line,
> saying that passwords are the worst authentication possible, except for all
> the other systems. It occurs to me there is something deep in that.
>
> Passwords have serious problems, but they are a bit like the problems with
> one-time-pads: cumbersome--but otherwise perfect.
>
> There is never going to be a generalized crack of the "password system".
> Even with some fancy Quantum Cryptography, passwords are not going to
> suffer a catastrophic failure. Flawed as they are in practice, passwords
> are a solid tool in principle.
>
> All the alternatives risk failure ranging from major to gigantic. All the
> alternative systems are complicated and brittle. Passwords are simple.
> Distributed. Robust.
>
> Our use of passwords, on the other hand, is terrible. But all the
> alternatives to passwords are worse.
>
> We should quit trying to craft fragile replacements and instead resign
> ourselves to cleaning up our act: quit reusing the same passwords
> on different sites, pick good passwords, write down our passwords, but
> otherwise keep them secret*.
>
> * Including not running spyware on our machines and not typing password Z
> into phishing site X.
>
> And then tell the world to do the same.
>
> Passwords are a fundamentally good system, but for their cumbersome
> details. All the alternatives are worse, and I think for rather fundamental
> reasons.
>
>
Passwords are very much a flawed system for many reasons, and we should
definitely be able to do better. The problem however with doing better is
that passwords serve two practical purposes in a poor way and fixing one
means breaking the other, for which we don't have a suitable alternative.
Passwords are tokens of authentication and pretty poor ones at that. We can
create better tokens of authentication, but there is a problem with that.
Passwords for many systems also are tokens of authorization. That is, they
are tokens that are usable to delegate authority by sharing them. Security
people will tell you that sharing passwords is bad practice but
anthropologists will tell you that delegation is essential to cooperative
patterns between people and is basically hard coded into our human
socio-genetic fabric. Basically passwords are both a bit like passports and
like keys and as each of those they suck. If you try to fix only the fact
that passwords make lousy passports, you will end up with passwords that
stop being keys and you will frustrate delegation and thus frustrate our
very built-in tendency to delegate. Before we can start to set out
replacing passwords with better tokens of authentication, we should first
take care of the genuine need for better tokens of authorization. That is,
we should start with fixing the important problem (better keys) first
before trying for the less important problem (better passports).

Rob