Sunday, August 23, 2009

Password plethora

If you’re like me, you have a multitude of login ID’s for a wide array of different computer systems and web sites. I think I have over 100, including some commercial web sites where I purchased something once, and may never again. Obviously, committing this number of strong passwords and login ID’s to memory is impossible (at least for me!) So there’s a tendency to repeat passwords, never change passwords, and write passwords down, ALL of which are security weaknesses. To make matters worse, a lot of those sites store sensitive personal or credit card information – and online credit card theft and identity theft are growth industries.

My own system is to use a small base number of passwords, which I modify from site to site. The passwords themselves are strong passwords. (I won’t tell you my specific strategy for making them strong. There’s a lot of advice for creating strong passwords available online.) I record all my login data in a list on my computer – but I don’t record the actual password. Instead, I record a code indicating which base password was used, and indicating the modifications that were made. The strong password makes it difficult for someone to guess my password, even with the aid of password hacking software, and the coded list makes it at least difficult for someone to figure out the passwords, even if they steal my list.

Unfortunately, the strongest passwords and the most secret-agenty codebooks are still vulnerable to sniffers – programs that lie in stealth on a computer, and record the keystrokes of the password. The only defenses against these are anti-malware software and frequent password changes. Using anti-malware software is a no-brainer. But changing an entire password infrastructure, and updating dozens upon dozens of logins is still a daunting and impractical task.

What is needed is for the whole identity-check process to be moved out of the responsibility of individual sites, and centralized in some way. Then, instead of recording its own password and ID information for every user, each site would just ask you for some sort of identity token, which it could verify through some central, secure site. Personal information could be passed from the central site to the commercial site on a “one use” basis; the central site would have a flexible system that let you specify which information a site was authorized to access. Each user would now have a small number of login ID’s at the central site (perhaps as few as one), and the use of strong passwords, memorized instead of committed to paper, and changed frequently, would be a lot less problematic.
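The flow proposed above, sketched as an added example (not code from this post or from any real identity service): a hypothetical `CentralIdentitySite` issues one-use tokens bound to a single site and releases only the attributes the user authorized for that site. All names and sample values are constructed, and the user's login to the central site and the site's own authentication to it are assumed rather than modelled.

```python
import secrets
import time

class CentralIdentitySite:
    """Hypothetical central site: user profiles, per-site grants, one-use tokens."""

    def __init__(self, token_lifetime=60):
        self.token_lifetime = token_lifetime  # seconds a token stays valid
        self.profiles = {}  # user -> {attribute: value}
        self.grants = {}    # (user, site) -> attribute names the user authorized
        self.tokens = {}    # token -> (user, site, expiry time)

    def register(self, user, profile):
        self.profiles[user] = dict(profile)

    def authorize(self, user, site, attributes):
        # The user decides which information this site may access.
        self.grants[(user, site)] = set(attributes)

    def issue_token(self, user, site):
        # Assumption: the user has already logged in to the central site.
        if user not in self.profiles:
            raise KeyError("unknown user")
        token = secrets.token_urlsafe(32)  # unguessable and carries no data
        self.tokens[token] = (user, site, time.time() + self.token_lifetime)
        return token

    def verify(self, token, site, now=None):
        """Called by the commercial site; returns released attributes or None."""
        now = time.time() if now is None else now
        record = self.tokens.pop(token, None)  # consumed on first presentation
        if record is None:
            return None
        user, audience, expiry = record
        if audience != site or now > expiry:
            return None  # wrong site or expired: fail closed, token stays burned
        allowed = self.grants.get((user, site), set())
        return {k: v for k, v in self.profiles[user].items() if k in allowed}

def demo():
    central = CentralIdentitySite()
    central.register("alice", {"name": "Alice Example",
                               "email": "alice@example.test", "card_last4": "0000"})
    central.authorize("alice", "shop.example", {"name", "card_last4"})
    token = central.issue_token("alice", "shop.example")
    first = central.verify(token, "shop.example")   # authorized attributes only
    replay = central.verify(token, "shop.example")  # same token again: rejected
    other = central.issue_token("alice", "shop.example")
    wrong_site = central.verify(other, "other.example")  # bound to another site
    return first, replay, wrong_site
```

The commercial site never stores a password and never sees the e-mail address, because the user did not authorize it for that site.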

Attempts have been made to set up systems like this: Microsoft’s Passport system comes to mind, as does Google’s cross-system login that works for sites as diverse as Google Maps and Blogger. PayPal also implements some of this. But these systems have not been broad enough, or well enough received. (Distrust of the motives and disinterest of the parties setting them up, as well as their commitment to security, has probably been a factor in this.) Much of the infrastructure for a centralized login system exists, I think, in the digital certificate/digital signature industry. But it seems it will take a revolution for this to replace the plethora of individual logins that currently exists.

If anybody does try to set up a central login system, I hope they will keep in mind that people need to be able to have different ID’s. This may not be obvious, at first, or it may seem that multiple identities would only be necessary for nefarious purposes. But think about it. We all play different roles in our lives, and it is very useful to be able to keep these separate. Work and personal life are obvious choices. Some people may also work two or more jobs, or run two or more businesses. People may have hobbies or volunteer activities they may want to keep distinct. It is not hard to imagine a person having a work ID for her job, one for her moonlighting, one for her activities as a soccer coach, one for her music hobby, one for managing her portfolio, and one for general personal business. That is six “identities” and six login ID/password combinations, which is a bit much to manage – but a lot less than 50 or 100!

Multiple identities would be easier to manage (thinking even further ahead) if computer operating systems made switching users easier and faster. The epitome of a fast switch was found in old Unix text shell systems. You could just type “su”, a login ID, and a password, and instantly you were someone else, until you logged out or typed “su” again. (The command “su” stood for “substitute user”, although it was so often used to switch to the all-powerful system user “root”, that it became common to refer to it as the “superuser” command.) When you used the “su” command, nothing else changed. You were still in the same directory, working with the same files, on the same project, as you were before. Minimal additional system resources were used up. Compare this with “switching users” under Windows XP. (I am a Vista Resista’.) You choose “Log Off”, and wait, “Switch Users”, and wait (and wait), then log in again (and wait), and you wake up in an entirely new environment, with no easy way to navigate back to where you were before, AND it seems (at least to me), that the other user running in the background eats up a huge chunk of system resources, which can slow performance to nearly a crawl. Windows has something a little more like the “su” command in the “Run As” option, but this is obscure (I always have to hunt for it), and is restricted to one instance of one program at a time. (Hmmm..., I’ve never tried it with Outlook. That might be an interesting way to temporarily change your default email address and folder structure. Probably doesn’t work.)

So anyway, I dream on. The future is coming... eventually. But will it be bright, or more of the same muddled murk?
