I get it. Hackers are targeting my every move online trying to steal my information to do who knows what, but password policies (in my opinion) are getting just a little bit out of hand. I get that online banking needs a secure password and my work email does too, but some of these passwords require more work to figure out than the actual work I’ll be doing when I actually log into these sites.
To pick a really great password apparently it has be at least 8-16 characters, include both upper and lower-case letters, you have to use numerical digits, include special characters. You also shouldn’t use personal information for your password. Are you exhausted yet? Then after you’ve finished coming up with some weird unfamiliar combination that you WILL most definitely have to write down somewhere (which is the number one thing security experts say you shouldn’t do)… it turns out the series of characters may not be strong enough, so you have to start over. Argggh!
After a couple of tries for what may be the most secure combination of numbers, letters, and special symbols you’ve FINALLY come up with something that works, but don’t get too fond of it because you’ll have to get a new password in 90 days! These combination requirements aren’t just used for top-secret information online either. I’m talking every day, run-of-the-mill sites, like newspaper websites. Nope, I’m not kidding.
Yes, most windows and Mac web browsers offer to memorize some of these passwords for you but it doesn’t work for all websites, and if you are using your phone to enter these websites, well you better remember your password.
I’m currently juggling around 20+ passwords, everything from my Salesforce login (for work) to my Groupon App password. Needless to say it’s becoming a bit overwhelming. It’s a good thing some software developers have realized this is becoming an issue for us normal non-photographic memory folks and they have developed some apps to help us store these brain-racking combinations. Never mind you need a password to access your passwords, but if I only have to remember one, I’ll be happy.
Password memorization programs are available like LastPass, KeePass, Roboform, Dashlane. They keep track of your passwords and offer automatic login on websites, most of them, of course, for an annual fee.
Google is also researching how to make our password-laden lives easier. They are currently testing a prototype USB drive that is mounted to a ring, or another piece of jewelry you can have with you at all times, it would have cryptographic key that you’d have to register with websites to be able to access them later just by using the USB on a computer. It sounds great and all but this doesn’t really help if I’m trying to log on to a website from a device without a USB. Plus, what happens if you lose that ring? Thanks, but no thanks.
In trying to figure out what password programs would be the easiest (for me), I stumbled upon some interesting, minority report-type password authentication research being done by the Mind Research Network. Soon enough we may all be set free from the ‘password-remembering hell’ we’ve been living in lately. All it could take is having a reaction to an image, but since I’m no scientist I’ll let the scientists explain it to you here.
The other research being conducted is using heartbeats to authenticate a password. According to researchers at Draper Laboratory everyone has a different heartbeat and within your own heartbeat there are two “humps”(imagine seeing it on an electrocardiogram). Even if you’re heart rate is elevated sometimes, one of the “humps” will always stay the same. The challenge, scientists say, is picking up the signal of your heartbeat from a distance. Luckily for us, there are some pretty smart folks who have already found the solution to the challenge. Nymi is a wristband that confirms a user’s identity with electrocardiogram sensors. Take a look:
It may seem a bit far-fetched but the folks at Bionym have already put Nymi to work and opened up pre-orders of the $79 techy wristband. Shipping will begin early next year. The goal, the makers of Nymi say, is for consumers not to have to manage passwords but do away with passwords all together. Finally someone is getting to the ‘heart’ of the matter one heartbeat authentication system at a time.