Techdirt Podcast Episode 92: Passwords Suck; What's Next?

from the correct-horse-battery-staple dept

Tue, Sep 27th 2016 1:00pm — Leigh Beadon

Data breaches that expose passwords are pretty much a fact of life at this point -- and the effects are multiplied by the fact that many, many people reuse passwords no matter how much they know they shouldn't. As such, there's a big push to move to password managers, two-factor authentication, and even biometrics -- because the simple fact is that the password sucks. This week, we're discussing what if anything will succeed in replacing it.

Follow the Techdirt Podcast on Soundcloud, subscribe via iTunes, or grab the RSS feed. You can also keep up with all the latest episodes right here on Techdirt.

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Filed Under: encryption, passwords, podcast, privacy, security

3 Comments

If you liked this post, you may also be interested in...

Reader Comments

Subscribe: RSS

View by: Time | Thread

Stephen, 27 Sep 2016 @ 7:08pm

No mention of SQRL?
No love for Steve Gibson's upcoming SQRL password-less authentication?

https://www.grc.com/sqrl/sqrl.htm
[ link to this | view in chronology ]
nasch (profile), 28 Sep 2016 @ 5:59pm

Randomness
You seem to indicate the randomness of a (master) password is very important, even going so far as to claim that a non-random passphrase that you choose yourself "can be figured out", but my understanding is length is far more important than anything else, including randomness. Isn't it true that a meaningful 60 character phrase that isn't at all random (but also not a common string like a popular saying or some such) is much harder for a computer to crack than 30 characters of randomly chosen words?

If anyone's interested, LastPass is very similar to Dashlane from Mike's description. It also supports fingerprint authentication on Android - don't know if Dashlane does. One difference is if you want to synchronize between devices with Dashlane it's $40 a year, but only $12 for LastPass.

Now listen to the podcast and count how many times someone says "like". ;-)
[ link to this | view in chronology ]
Anonymous Coward, 29 Sep 2016 @ 6:32pm

Dashlane ad...
[ link to this | view in chronology ]