Computer security and theories on passwording

I believe in simplicity: things should be simple (though not necessarily easy, just logically basic). Things like security through obscurity and unnecessarily complicated password schemes are all bad ideas.

That said, I don’t like Jakob Nielsen’s suggestion to implement cleartext password boxes. Many others have reacted to this as well, for various reasons.

Nielsen has some good points. Very far-fetched, but good nonetheless. Masked passwords make users uncertain, which causes them to choose “overly simple passwords”. Some argue that “most people type from muscle memory”. I do that too, but I argue it only applies to “most people who actually consider security hazards”. We are more inclined to choose strong passwords and are generally more computer-savvy. Most actual computer users have visual or literal memories: they remember and verify the password when they see it.

Also, muscle memory doesn’t work for handheld devices. So Nielsen would have a good point, if it weren’t for shoulder surfing. Though Schneier mentions a reader comment referring to a marvellous solution for that:

A reader mentioned BlackBerry’s solution, which is to display each character briefly before masking it; that seems like an excellent compromise.
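The brief-reveal behaviour described in that comment is easy to get wrong (the secret must never be left sitting in the visible field, and the reveal must expire on its own). The following is an added example, not code from the original post, from Schneier, or from BlackBerry: a pure rendering function that decides what the field should show at a given moment, a replay helper for testing it offline, and an optional binding to a real input. Every name here (`renderMasked`, `simulateTyping`, `attachBriefReveal`, `REVEAL_MS`) is an assumption of this example.

```javascript
// Added example: "show the most recent character briefly, then mask it".
// Names and the 1 s reveal window are assumptions, not from the original post.

const MASK_CHAR = '\u2022'; // bullet used for masked characters
const REVEAL_MS = 1000;      // how long the newest character stays visible

// What the field should display for `secret`, given when the last character was
// typed and the current time. Only the final character is ever revealed, and
// only while it is younger than REVEAL_MS. Everything else is always masked.
function renderMasked(secret, lastTypedAt, now) {
  if (secret.length === 0) return '';
  const head = MASK_CHAR.repeat(secret.length - 1);
  const revealLast = (now - lastTypedAt) < REVEAL_MS;
  return head + (revealLast ? secret[secret.length - 1] : MASK_CHAR);
}

// Replay a constructed keystroke sequence [{ ch, at }] (ch is a character or
// 'Backspace', at is a millisecond timestamp) and return the displayed text
// after each keystroke, plus the display once the reveal window has expired.
// A backspace never reveals the character that becomes last.
function simulateTyping(events, settleMs = REVEAL_MS) {
  let secret = '';
  let lastTypedAt = -Infinity;
  const frames = [];
  for (const { ch, at } of events) {
    if (ch === 'Backspace') {
      secret = secret.slice(0, -1);
      lastTypedAt = -Infinity;
    } else {
      secret += ch;
      lastTypedAt = at;
    }
    frames.push(renderMasked(secret, lastTypedAt, at));
  }
  const settled = renderMasked(secret, lastTypedAt, lastTypedAt + settleMs);
  return { secret, frames, settled };
}

// Optional browser binding (only meaningful where a DOM exists): the real
// secret lives in a closure and in a hidden input that the form submits; the
// visible text input only ever holds the masked rendering. A timer repaints
// the field so the revealed character disappears even if the user stops typing.
function attachBriefReveal(visibleInput, hiddenInput) {
  let secret = '';
  let lastTypedAt = -Infinity;
  let timer = null;
  const repaint = () => {
    visibleInput.value = renderMasked(secret, lastTypedAt, Date.now());
  };
  visibleInput.addEventListener('keydown', (e) => {
    if (e.key === 'Backspace') {
      secret = secret.slice(0, -1);
      lastTypedAt = -Infinity;
    } else if (e.key.length === 1) {
      secret += e.key;
      lastTypedAt = Date.now();
    } else {
      return; // let Tab, Enter, arrows etc. behave normally
    }
    e.preventDefault(); // the real character never enters the visible field
    hiddenInput.value = secret;
    repaint();
    clearTimeout(timer);
    timer = setTimeout(repaint, REVEAL_MS + 10);
  });
}

// Stand-alone demonstration with a constructed keystroke sequence.
const demo = simulateTyping([
  { ch: 'p', at: 0 }, { ch: 'a', at: 100 }, { ch: 's', at: 200 },
]);
console.log(demo.frames, '->', demo.settled); // [ 'p', '•a', '••s' ] -> '•••'
```

To use the binding, give the visible input `type="text"` with `autocomplete="off"` and `spellcheck="false"`, and point `hiddenInput` at a `type="hidden"` field the form actually submits; the visible field should never be submitted, since it only contains bullets and at most one live character.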

But… the problem of good passwords isn’t solved. I strongly doubt that Nielsen’s cleartext boxes will make users choose something they wouldn’t be able to type when they’re drunk (even though it’s a good idea in the sense of Gmail’s math security).

My personal theory is – in compliance with my love for Occam’s razor – that it might not actually be a problem. Users will always choose easy passwords. So why not – and sorry for stepping on Nielsen’s usability toes – force password changes once in a while? It’s a pain in the ass, I know. But then again, it should probably only be implemented where the service warrants it.

Another way out would be for OpenID to become more widespread. OpenID would eliminate the problem of keeping track of which password is used where. I also think it could help prevent password phishing attacks and the like, if people were used to the process.

7 thoughts on “Computer security and theories on passwording”

  1. Something I like is randomly generated passwords made up of linguistically correct syllables. Kefnörbullererarum is much easier to remember than Fgj85#

  2. I actually didn’t just argue that most people type from muscle memory. My major point was that using cleartext password fields would encourage people to pick passwords they had no chance of remembering, leading to more to-and-fro with password resets, etc., which is where the biggest security holes lie.

    Shoulder surfing is only a fraction of it, as most of the time we’re out and about we’re under surveillance of increasingly high-quality video cameras, the vast majority of which are privately owned.

  3. Jeremy: I believe that constantly changing passwords don’t have to be as complex, as in either case they will be

    This does not solve the case of illegitimate access to a database or similar. Though I would in most cases say it’s safe to assume that database access will be noticed, at which point all accounts can simply change passwords. Then future service won’t be affected.
