The fact that we have checkboxes to get our programs to remember passwords means the system is too intrusive. After all, that checkbox basically says "Turn off security", and people still click it. People want secure data and they want to remember approximately zero passwords. Somewhere along the line, you'll have to prove who you are, so I'm thinking that passwords will be an option for a long time to come. The biometric and physical key options have many of the same problems.
If everything was stored and transmitted with strong cryptography, would we still need to identify users? To an extent, we may be able to just trust that the only person able to decrypt the messages is the intended recipient. Of course, then you have to worry about someone stealing your crypto key.
Mokalus of Borg
PS - Security is not an easy problem.
PPS - Even a crypto system can be bad enough to be effectively wide open.
No comments:
Post a Comment