Password Memory Overload

April 9, 2007

Where Did All The Passwords Go?

Internet users claim “bad memory” forces them to reuse the same passwords over and over. A UN report warns that password re-use heightens the risk for identity theft. A new wave of Online Password Managers may be the answer.


How many passwords does the average web goer have to remember? Between social bookmarking, photo albums, blogs, gaming and the slew of new services popping up daily, the answer to that question should be: lots.

On the contrary, Internet users tend to reuse the same passwords on many different sites. BBC News recently reported in UN Warns on Password ‘Explosion’:

“The number of passwords and logins web users need makes it inevitable they will re-use phrases, warned the International Telecommunications Union.”

It’s a memory problem

People simply can’t, and won’t, remember hundreds of passwords. Password re-use may make life easier, but it also significantly increases identity theft vulnerability.

The ITC “called on regulators and businesses to find better ways for people to identify themselves to websites,” reports the BBC. But Internet users may get the reprieve they’re looking for sooner than expected. The proliferation of online services at the heart of the problem, could also provide the solution.

Open sesame

The idea isn’t new: one master password to access all the others. Password managers have been around for eons. Traditionally they are installed directly on the user’s computer. However, with the constant onslaught of malware and viruses, desktop applications may prove to be increasingly less secure.

Pioneers in online password management launched as early as 2005, giving web users a taste of anytime, anywhere access to their passwords. The fourth quarter of 2006 saw a new wave of Online Password Managers sprout up.

According to PassPack founding partner Tara Kelly, the emerging Online Password Managers offer a layer of security that wasn’t feasible until the recent large-scale adoption of Ajax scripting.

“The new client-side cryptographic techniques don’t replace the old standbys: they build on them. No longer do developers have to rely solely on the little SSL padlock to make their sites safe, now they can leverage the browser as well.”

Crossing the chasm

Growth for the new OPMs has been somewhat stilted by concerns about Ajax-run websites being easy targets for hackers, but the experts confirm: a poorly built website will be easily violated, a well built one will not – Ajax is irrelevant, what’s important is that it’s high quality.

“Once that message makes it through to the mainstream,” says Kelly, “we’ll be seeing a spike in Online Password Manager usage. People just want something safe and easy. That’s not too much to ask.”

For additional information contact Tara Kelly or visit www.passpack.com

About PassPack

PassPack launched in December 2006 at the LeWeb3 convention in Paris. PassPack provides a secure place where individuals and businesses can store their passwords, links and private notes, protecting them from prying eyes and malware. The service is free of charge and accessible 24/7 via Internet.

Contact

Tara Kelly, PassPack Founding Partner
tara@passpack.com
http://www.passpack.com

Technorati Tags: , , , , , ,