By now, you've likely heard about Mat Honan from Wired. The man who had pretty much his entire digital life compromised in less time than an average office worker takes for lunch. Since then, Mat has been speaking out against passwords and recently published an article telling people just how vulnerable their passwords are.
Mat, we agree with you.
Stronger passwords sound great at first, but if I can trick the password reset mechanism into changing it into “12345” you haven’t really gained much. If the answer to your security questions turn up when I Google your username, your data is forfeit.
However, there is a glimmer of hope in the future of security. We are seeing increasing use of multiple factors of authentication and support for single sign-on systems like SAML that almost completely do away with passwords. And that is part of the system we continue to build directly in AuthAnvil.
I will be hanging with Mat during BlueHat in Seattle next month, learning from his experience in a talk he is doing for the security conference called "Passwords, Social Engineering, and the Anatomy of an Epic Hack". Should be an interesting talk. If you have anything interesting you would like me to ask him, send me a tweet to @danaepp or drop me a line at firstname.lastname@example.org and let me know.