Opinion – Ronaldo Lemos: Time to say goodbye to passwords


In the early 1960s, physicist Fernando José Corbató had a problem on his hands. How to allow different people to share the same computer network, identifying each person?

Corbató then had an idea that would revolutionize our lives. He invented the login and password system, which quickly became the internet’s primary form of authentication.

Cut to 2022. Corbató’s invention has become completely hellish in today’s world. Logins and passwords plague the lives of every connected person on the planet. To make matters worse, most people use the same password for several different websites. Or, still, it uses weak passwords, easy to be guessed or cracked.

Not to mention the frequent leaks that reveal passwords publicly. For example, last week, a file circulated on the internet with the login and password of more than 1,500 emails from the federal government. An embarrassment, and a perfect tool for forgers to apply blows and other types of attacks.

In other words, much of the security of the digital world of 2022 depends on technology invented when the Beatles hadn’t even released their first album.

As a result, a consensus is forming that it is time to end the login and password model and create a new form of digital authentication.

There are many alternatives to this looming on the horizon. It is now common, for example, that several websites and applications only require the person’s biometrics to allow access on a daily basis. Whether fingerprint identification on mobile or facial recognition.

In addition, authentication applications are starting to become popular. When entering a particular service, the user has to confirm access through the app, or even enter a unique code generated by it on the spot.

But the biggest blow against passwords is being built through a tech industry coalition called the Fido Alliance (Fast Identity Online). This coalition launched this year a technical project to replace login and password exclusively with cell phones. If the person has their cell phone in hand, they can be authenticated by biometrics and thus access any online site without the need to enter passwords.

The system provides for the use of a “master key” that is safely stored in the device. This key would then open the door to any online service, without the need to remember passwords or login names.

Considering that the Fido Alliance has members such as Google, Microsoft, Meta, Amazon and several others, the change could be far-reaching.

The forecast is that as early as 2023 this new system will begin to become commonplace. Of course, it also raises questions. What if the cell phone is stolen? Or lost? Or forgotten open somewhere?

These questions remind us that the issue of digital identity is one of the most important of this decade. There are several models competing with each other, many even using blockchains and decentralized technologies. In this sense, a definitive solution will still take time to happen.

Despite this, it is good to take advantage of 2022 to say goodbye. This could be one of the last years in which Corbató’s invention will continue to make our lives hell.

It’s overNot taking care of physical hygiene

Alreadymental hygiene

It’s comingCybersecurity Hygiene (checking the quality of passwords and doing a periodic online security check up)

You May Also Like

Recommended for you

Immediate Peak