There are so many problems with passwords its actually amazing. At Pseudo-Nym, Inc., we are replacing Passwords one at a Time.
Here is just a short list of issues with passwords:
- Easily Shared
- In the security world, passwords are merely "Something You Know", which means they are meant to be remembered. That means they can easily be shared with friends, coworkers, etc. Here is an exhaustive review of Password threats.
- Easily Stolen
- Phishing is a rampant problem where users are lured to a rogue Web site and tricked into divulging their UserID & Password. The perpetrator can then use the UserID & Password to hijack the user's account. And this can be done from anywhere on the Web. More information is available from the Anti Phishing Working Group.
- Too Many to Manage
- Passwords are like store brand credit cards - you have one per Web site. This means you create and manage a different password for each site you visit. This is called Password Proliferation.
- Managed by End Users
- This is a problem in the corporate world where employees manage the UserID's and passwords they use to access external services. This is a BIG problem for employers who want to manage those services. They can't manage them today.