Home Debate Around Password Security Overlooks Universal Logins

Debate Around Password Security Overlooks Universal Logins

Must include at least one number. Must be longer than six characters. Cannot have more than four sequential characters from your previous seven passwords. The rules for password creation vary wildly from site to site, an effort to protect users from those who would hack their identities.

These protective measures don’t go very far, according to the New York Times, because hackers can get ahold of passwords with software that remotely tracks keystrokes, or by tricking users into typing them in. The story touches on a range of issues around the problem, but neglects to mention the obvious: the march toward a centralized login for multiple sites.

A universal login could solve a lot of the issues around password security, from keylogging to the problem of users having their passwords discovered after writing them down.

It would also solve the problem of password-overload. Managing logins for all the Web sites that require registration is a pain, and any frequent Web user who says differently is either lying or has a photographic memory. Browsers have taken some of the pain away by remembering passwords for us, but clear your browser’s history and suddenly you have to answer secret questions and email your username to yourself for umpteen different sites.

A handy chart to help you create secure passwords, from Microsoft.

One or more options for a universal login is inevitable and progress is well underway. More and more sites are supporting the easy-to-use Facebook Connect, which lets users register for a site with their Facebook profile instead of creating a site-specific username and password. As of last year, there were more than nine million websites using OpenID, the openly-developed standard that users can use to log in across multiple sites.

Standards like OpenID carry their own security problems (and other problems – see The Troubles With OpenID 2.0), the obvious being that a successful hacker can gain access to all the sites and services you use at once. But the convenience of a universal login is irresistible, especially for the myriad sites where there’s no danger if your password is hacked, such as news sites. Users who try it won’t want to go back – which is why it’s important to talk about the security issues around these new protocols for users and the sites that implement them.

How do you manage your logins?

About ReadWrite’s Editorial Process

The ReadWrite Editorial policy involves closely monitoring the tech industry for major developments, new product launches, AI breakthroughs, video game releases and other newsworthy events. Editors assign relevant stories to staff writers or freelance contributors with expertise in each particular topic area. Before publication, articles go through a rigorous round of editing for accuracy, clarity, and to ensure adherence to ReadWrite's style guidelines.

Get the biggest tech headlines of the day delivered to your inbox

    By signing up, you agree to our Terms and Privacy Policy. Unsubscribe anytime.

    Tech News

    Explore the latest in tech with our Tech News. We cut through the noise for concise, relevant updates, keeping you informed about the rapidly evolving tech landscape with curated content that separates signal from noise.

    In-Depth Tech Stories

    Explore tech impact in In-Depth Stories. Narrative data journalism offers comprehensive analyses, revealing stories behind data. Understand industry trends for a deeper perspective on tech's intricate relationships with society.

    Expert Reviews

    Empower decisions with Expert Reviews, merging industry expertise and insightful analysis. Delve into tech intricacies, get the best deals, and stay ahead with our trustworthy guide to navigating the ever-changing tech market.