The end of the password is near. The brains at Google are experimenting with new authentication technologies for email, but it's not just our email that needs saving. Passwords everywhere don't work. The most optimistic thinking goes that with every new massive account info hack, companies will start adopting better technologies for protecting our user data, until one day the password is as much a relic as the floppy disk. For a look into what will come next, The Atlantic Wire spoke with security experts and analysts and the future without passwords involves a lot more passwords than we expected.
It Will Still Involve Passwords...
Despite Mat Honan's strong assertion in Wired last year that "the age of the password has come to an end," pretty much everyone we spoke with doubted that the password would disappear forever. The password will live. It just won't be the only means of security. "Most people will move away from relying on passwords as the only means of authentication," said Jeremy Grant, who heads The National Strategy for Trusted Identities in Cyberspace, a government organization working to advance the password ecosystem beyond passwords.
Rather, in the future, the password will be part of the security "constellation," as Forrester analyst Eve Maler put it. For the most important gateways to our lives, like email accounts, Google's 2-step authentication, which The Atlantic's James Fallows is a vocal proponent, combines a password and an ever-changing code sent via-text. The second aspect might look an awful lot like a password—Google texts a string of characters, for example. Or it might entail something more personalized, depending on the type of information we're trying to protect. But the password will still be in the mix.
While hacks loom, any extra steps means more of a burden for the user. Yes, having to go upstairs to get your phone is more annoying than remember 25 passwords. That hassle will never be worth it for certains things. Also, because of that perceived annoyance, it might take awhile for the multi-step thing to catch on, unless companies mandate it.