05/16/2022

In Memoriam: Forgetting Your Password

​In our password-less future, much will change

Faces rule, brains drool. This is what Apple, Google, and Microsoft decreed earlier this month when they announced they’d be expanding their support for the industry group FIDO Alliance’s fight to replace the internet’s billions of password-based logins with smartphone-based passkeys, which are unlocked by your PIN, your fingerprint, or your face. The announcement from the three browser giants, made on World Password Day (who could forget?), marks what Microsoft calls a “monumental step toward a world without passwords.” It’s also a monumental victory for your face. So, get to a mirror and kiss that mug—it snorts, it burps, it blinks and it may soon open-sesame the universe.

The FIDO Alliance wants to remove our stupid brains from authentication entirely. With good reason. The world’s most common passwords are still 123456, 123456789, qwerty, and password. The most common animal as a password is monkey; we love to remind ourselves how little we’ve evolved. If we’re not getting hacked with weak passwords, we’re getting locked out with the strong passwords we can’t remember. By some estimates, four out of five of us have forgotten at least one password in the last 90 days, and a quarter of us lose a password at least once a day.

But perhaps our brains have been set up to fail. Between apps, subscriptions, banks, and email accounts, the average person has about 100 passwords. In contrast, the average person has about one face, and it’s unforgettable (just look at you!) and mostly unhackable. A password-less world is a more secure world. But it is a world with fewer reminders that we forget. And let’s not forget that forgetting reminds us of who we are.

Please select this link to read the complete article from WIRED.