Let's talk about that good old boogeyman of internet security: Passwords. No reason, I just want to talk about it.
Why passwords suck
Let's be honest. Passwords suck. Let's go over why:
- Too many passwords. Every service needs a password these days. There are initiatives like OAuth that help simplify the process by linking it to a different account, but really that's just shifting the issue to a different service.
- Too many passwords leads to bad password hygiene: Passwords are often reused (by far the biggest sin of password management).
- Passwords are also commonly reused, sometimes with a single digit altered.
The band-aid: Password managers
Password managers are a band-aid over the problem. They permit you to create long and secure passwords and you only have to remember your master password to get access to all your passwords.
That said, this essentially turns your password manager into your single point of failure. Once an attacker hijacks your manager, they control your entire system. Not good.
The possible solution: 2FA
2FA is probably one of the few solutions that will prove to be viable in the long run, although to realize it's full potential, it needs to see more use in Desktop tools and be longer than just 6 numbers.
The demon: Apple
Apple sucks. No really, they do. Even with passwords. For whatever stupid reason, sites can instruct Safari to refuse the usage of the Keychain app, and many sites do, thereby obstructing the viability of the Keychain app as an automated password manager.
Nothing too curious this time, I just wanted to vent a little.