A long-awaited human dream is finally in sight. No, not the end of COVID, or humans landing on Mars, or even a long-sought cure for insomnia.
It’s the end of online passwords, a scourge that’s tormented the human race for far too long as we continually forget our passwords, get locked out of our email, update our passwords and forget them again.
But last week, Apple announced it’s terminating all password use later this year and apparently Microsoft and Google will soon follow.
Tech companies are abandoning passwords because they’re usually easy to hack. The most commonly hacked passwords are 123456 and 654321, ones even a modern-day infant can crack.
They’ll be replaced with “passkeys” that capture our face or thumbprint one time. After that we can supposedly access any bank account, subscription, website, personal device or secret spyware we need.
So the password pandemic may be history long before COVID.
It’s barely in time for us users, too. The average person now has more than 100 different passwords, overwhelming our mental capacity and creating a global password glut.
Studies find more than half of us reset at least five passwords each month and half of those forget their new password immediately after resetting it. That’s why the average person gets locked out of online accounts 10 times a month.
Why the difficulty? Many of us have ransacked our brains for stronger passwords than 123456, but ones we can remember without writing down. (Or finally learning to use a ‘password manager’).
So we use things like family member names, birthdays, or landmarks we see regularly. For a long time, I used Schwartzslean1, Poutinegrande2, and Bigowe1976$.
But it’s never long before I get a message from Apple saying either:
“A) There has been a data breach and your password may have been hacked, or
B) we require you to update your password every little while for security purposes, or just for our amusement.
Either way, please create a new password now. This time include letters, a number, an Egyptian hieroglyphic and a special character in Swahili.”
It’s become overwhelming. Let’s say your original password was Pothole27, which you’d chosen and even memorized because you recently fell into one.
But then you had to add a special character so it became Pothole27#. Naturally you forgot it when signing in next time — did you use a capital letter for that site, or all lower case, and did you need the # “special character” on that site?
So you change it again, this time to Pothole27!, then later to Pothole37#, then to Pothole 47$#. Eventually you have 23 different pothole passwords to remember for different apps or sites, along with 37 varieties of OrangeCone12*, Bigowe1976$ and Cul-de-sac@5!&.
By now, your mental hard disk is so clogged with passwords you can’t recall anything else, including your own phone number, or your spouse’s birthday, or name, or … Hmmm, what was I just saying?
Fortunately, nowadays we don’t have to remember trivial info like the above since we can look up anything online, including our spouse’s name on Facebook — and whatever it was I was just saying.
Oh yeah! — We don’t really need our memory that much anymore since Google has replaced it, largely to leave more space for our passwords. So how will we use all that extra mental password space when we don’t need passwords anymore?
It could be like the landline era when we all remembered hundreds of phone numbers because that’s how you phoned people. But then, with cellphones, we could file those numbers in our phone’s contacts, so we didn’t need to remember them anymore.
Yet I still remember more than 100 defunct telephone numbers from my youth. How are you RE-73126? I remember your number well but have no clue who you are.
Soon we will be able to forget our passwords, too, but I will probably remember Pothole47!$# and dozens of others like it for decades after they’re extinct.
The passing of the password will be a historic moment, but don’t get overexcited yet. Every solution creates new problems and face recognition will, too.
In five years, you’ll get a message from your bank saying your face has been stolen in a data breach and you must upload a new face immediately.
You may not need an actual new face (unless there’s a laser surgery app on our phones by then). More likely you’ll just have to take a new photo making a funny face, or holding a finger to your nose, or gripping today’s newspaper like a hostage to prove you’re you today.
Then every couple of weeks, you’ll be asked to update your face again, and again, for security purposes until you can’t stand to see yourself in the mirror.
Eventually, Apple or whoever will announce they’re replacing faces with some brilliant new security system based on your own distinct heartbeat, or unique burp or whatever, that nobody can possibly steal.
You’ll be relieved. But part of you might be nostalgic for the days of Pothole47$#.
To read more columns by Josh Freed, click here:
Josh Freed: Quest for ‘The Best’ can be a soul-draining test