Passwords are bad: the story of the Linkin Park singer on Wired
Passwords are bad. It is really necessary to restate it? Wired has a very interesting story about the singer of Linkin Park (one of the most interesting bands in the last years IMHO, but that’s not important here). Long story short, a hacker guessed one password (“Charlie”, not a very strong one) in use in his household and stalked his family for a year. Luckily everything is resolved now, but the conclusion of the article is especially interesting (edited by me for strong language):
Meanwhile, Chester Bennington is grappling with the headaches that increased security brings. His passwords are now long strings of random letters and numbers that he changes frequently. “I keep a list for every different thing, and it drives me out of my f**** mind,” he says. “I want to go back.” Back to Charlie.
Mr. Bennington, that’s called password fatigue. We are well aware of it, and we think we have a good solution: Windows CardSpace. If by any chance you’ll land on this post and you’ll want to know more, I will be happy to explain what it is about in details.
I still don’t get it – How do I move my Card from one PC to another? How can I use it from a public PC?
So I need to carry the file with me somehow. And import it to my profile on another PC??? Sounds like a stupid idea, because I will need to use some PASSWORD to associate the card with my profile on another PC. This will never fly. Tell your marketing people to forget it.
To replace passwords I am supposed to use CardSpace. And before I can use my card I need to login to my PC using some password. Nice replacement!
User experience is the key to success. You are right about security, but people are using things that are convenient, not secure. I would bet on something like Windows Live ID – single password for everything IS convenient (though may be not that secure)