Don't Kill the Password. Change the Password

Document Type

Response or Comment

Publication Date





Condé Nast




TO ACCESS TO most accounts online and on computer systems, users authenticate their identity by logging in with a password. People are asked to do the Herculean task of coming up with unique long and complex passwords for each account, committing them all to memory, and then changing them frequently. The task is nearly impossible, and when most people fail, they’re the ones who are blamed. But people are not to blame. The problem is with passwords. Passwords are a terrible way to protect the security of data, and they are at the center of far too many data breaches.

It’s time for a change. Passwords alone can’t hack it. There is widespread consensus among data security experts that using only passwords is poor security, and there are readily available alternatives. Yet the lone password has been used for authentication for so long and so widely that it is difficult to change the status quo, even if many wished to. It’s time for the Federal Trade Commission (FTC) to step in and give the lowly password some backup in high risk contexts by requiring a second factor for authentication.

This document is currently not available here.

Publisher Link