Guy who thinks passwords are outdated, setting a new password for his bank app: Hmm, how about Christmas123!, just like all my other logins so I don't have to worry about forgetting it!
A fundamental problem with passwords is that you either have a "secure" selection of large, distinct, constantly rotating codes that you have to keep track of on paper/in an app (insecure!) or a single memorable code that - once it is cracked - exposes all affiliated systems (insecure!)
There's a serious argument to the effect that a physical id tied to a digitally managed rotating set of large arcane codes is at least as secure as the paper/app-based list of hard codes. The big problem with this technology is that it requires a more complex hardware interface with more attendant IT support. So you're talking about $$$ that people don't want to spend for additional technical security.
Two-factor authentication is cheaper and easier than biometrics. So we've settled on that instead.
Guy who thinks passwords are outdated, setting a new password for his bank app: Hmm, how about Christmas123!, just like all my other logins so I don't have to worry about forgetting it!
A fundamental problem with passwords is that you either have a "secure" selection of large, distinct, constantly rotating codes that you have to keep track of on paper/in an app (insecure!) or a single memorable code that - once it is cracked - exposes all affiliated systems (insecure!)
There's a serious argument to the effect that a physical id tied to a digitally managed rotating set of large arcane codes is at least as secure as the paper/app-based list of hard codes. The big problem with this technology is that it requires a more complex hardware interface with more attendant IT support. So you're talking about $$$ that people don't want to spend for additional technical security.
Two-factor authentication is cheaper and easier than biometrics. So we've settled on that instead.
just like how every one of my work passwords that i never set but just came with the IT gear i use is "season two digit number"