We tend to think of passwords as little secrets meant to keep things safe when we use technology. But what if they’re actually making us less secure?
Best practice tells us that passwords should be unique for each file or account, shouldn’t be easy for a machine or human to guess, and should never be exposed or written down.
Once upon a time this basic formula actually worked pretty well. These days, though, we confront dozens of login and authentication prompts throughout the day for different devices, services, files, and uses. Our brains are just simply not equipped to follow best practice (especially the “not written down” part) in today’s complex digital world.
So what do we do? We start to compromise our system security. We rely on weaker passwords that are easy to remember and easy to compromise. We rely on sticky notes that expose credentials to anyone who glances at them. We use password managers with master passwords as single points of failure. We ask our friends, family, or colleagues to “help” us by emailing us account credentials in plaintext.
By making use of what many consider reasonable forms of assistance to stay within the lines of best practice, we actually end up creating security vulnerabilities to reckon with down the road.
In developing Atakama, we decided to take on this challenge for file-level protection by replacing passwords with threshold cryptography and our distributed encryption key management scheme. The end result? Better security for your protected files -- without all the hassle and worry of passwords.
Finally, some regulatory guidance that matters.
Understand some major drawbacks you may not be aware of.