Love them, hate them, makes no difference.

Online tax payments, banking, insurance, travel, your e-mail account…
Your login and password secure access to all that, and every single one of them is subject to a different, arbitrary policy set by someone stuck in the 1980s.

Today, let’s take a look at a history of failed passwords, and what’s being done to address them.

The failure of password requirements

Back in the 80s, people came up with the idea that passwords needed complexity rules, so that they’d be hard to guess by another human, a dictionary attack, or even an automated program.

Indeed, in 1979 Thompson and Morris discussed dictionary password attacks in their article “Password Security: A Case History”.

In that same article, Thompson and Morris proposed the first-ever set of password strength rules: a minimum of 6 characters, down to 5 if your password included non-alphabetic characters.

This would be the beginning of a spiral to insanity, of passwords written down on post-its, duct-taped under keyboards or to monitors, or kept in plain-text files on disk drives.
