Maybe You Don’t Have to Use Strong Passwords for Every Account After All

The Citizen's Guide to the Future
July 16 2014 3:17 PM

Maybe You Don’t Have to Use Strong Passwords for Every Account After All

password
Maybe it’s not so bad that your password is 12345678.

Photo from Shutterstock/Cefo Design.

If you need strong passwords for every one of your accounts, from your local public library to your grocery store rewards card, then you just have to use a password manager. There's no other way to keep your letters, numbers, and symbols straight. But maybe the premise that you need strong passwords for everything is wrong. A new Microsoft study wants to give everyone a break.

Microsoft researchers Dinei Florêncio and Cormac Herley, along with Paul C van Oorschot from Carleton University in Canada, note that password managers generate great random login information, but can cause problems if users forget their master password.* As the Guardian reports, password managers also store passwords locally or in the cloud, and both approaches can be susceptible to hacks. The researchers wrote, “It introduces severe new risks: if the master password is guessed or used on any malware-infected client, or the cloud store is compromised, then all credentials are lost.”

Advertisement

Instead, the group argues that people should use weak, memorable passwords or the same password for low-importance accounts. That way they can focus on memorizing a few strong, diverse passwords for their most sensitive accounts, like email and banking. This seems especially appealing since password managers are difficult to use properly in the first place. (For instance, they make it harder to use a friend’s computer to log into your Gmail account.)

If you're currently using a password manager successfully this study might not be grounds to give it up, but if you've done absolutely nothing about password security when you know you should, this might be a good strategy to start with. Just make sure those important passwords really are super secure.

Correction, July 16, 2014: This post originally misspelled Carleton University.

Future Tense is a partnership of SlateNew America, and Arizona State University.

Lily Hay Newman is lead blogger for Future Tense.

TODAY IN SLATE

Politics

Talking White

Black people’s disdain for “proper English” and academic achievement is a myth.

Hong Kong’s Protesters Are Ridiculously Polite. That’s What Scares Beijing So Much.

The One Fact About Ebola That Should Calm You: It Spreads Slowly

Operation Backbone

How White Boy Rick, a legendary Detroit cocaine dealer, helped the FBI uncover brazen police corruption.

A Jaw-Dropping Political Ad Aimed at Young Women, Apparently

The XX Factor
Oct. 1 2014 4:05 PM Today in GOP Outreach to Women: You Broads Like Wedding Dresses, Right?
Music

How Even an Old Hipster Can Age Gracefully

On their new albums, Leonard Cohen, Robert Plant, and Loudon Wainwright III show three ways.

How Tattoo Parlors Became the Barber Shops of Hipster Neighborhoods

This Gargantuan Wind Farm in Wyoming Would Be the Hoover Dam of the 21st Century

Moneybox
Oct. 1 2014 8:34 AM This Gargantuan Wind Farm in Wyoming Would Be the Hoover Dam of the 21st Century To undertake a massively ambitious energy project, you don’t need the government anymore.
  News & Politics
Politics
Oct. 1 2014 7:26 PM Talking White Black people’s disdain for “proper English” and academic achievement is a myth.
  Business
Buy a Small Business
Oct. 1 2014 11:48 PM Inking the Deal Why tattoo parlors are a great small-business bet.
  Life
Outward
Oct. 1 2014 6:02 PM Facebook Relaxes Its “Real Name” Policy; Drag Queens Celebrate
  Double X
The XX Factor
Oct. 1 2014 5:11 PM Celebrity Feminist Identification Has Reached Peak Meaninglessness
  Slate Plus
Behind the Scenes
Oct. 1 2014 3:24 PM Revelry (and Business) at Mohonk Photos and highlights from Slate’s annual retreat.
  Arts
Brow Beat
Oct. 1 2014 9:39 PM Tom Cruise Dies Over and Over Again in This Edge of Tomorrow Supercut
  Technology
Future Tense
Oct. 1 2014 6:59 PM EU’s Next Digital Commissioner Thinks Keeping Nude Celeb Photos in the Cloud Is “Stupid”
  Health & Science
Science
Oct. 1 2014 4:03 PM Does the Earth Really Have a “Hum”? Yes, but probably not the one you’re thinking.
  Sports
Sports Nut
Oct. 1 2014 5:19 PM Bunt-a-Palooza! How bad was the Kansas City Royals’ bunt-all-the-time strategy in the American League wild-card game?