Automatic password changing and password-free standards are two different approaches to digital security.

How to Get Rid of All Your Terrible Passwords at Once

How to Get Rid of All Your Terrible Passwords at Once

Future Tense
The Citizen's Guide to the Future
Dec. 10 2014 5:12 PM

How to Get Rid of All Your Terrible Passwords at Once

key
What’s the next step after a lock and key?

Image from Sebastian Radu/Shutterstock

2014 has been a banner year for hacks: Sony Pictures, Home Depot, the Post Office. Nothing is safe. So you tried password managers and tricks for creating/remembering strong passwords. Great! But then you immediately abandoned both efforts and went back to password1 because anything else is too annoying and complicated to deal with.

Technologists are trying to solve this problem, though. The current system makes it difficult for everyone—including governments, companies, and consumers—to protect themselves, and that’s just bad. Alternatives like biometrics haven’t seemed so solid in the past, but two new approaches are working to address the problem.

Advertisement

One is the idea of making it extremely easy to change any or all of your passwords whenever you want. Instead of having to go through a multistep process for each account, password managers like Dashlane and LastPass implemented automatic systems on Tuesday that sync across your devices and with the services your accounts belong to. The idea is that by using automatic password change features you can regularly revise the passwords for your accounts on Gmail, Amazon, Facebook, and everywhere else.

LastPass’s automatic password changer currently supports more than 75 types of accounts. Its password changes are also all stored locally instead of in the cloud, so companies don’t have access to your actual passwords. Dashlane’s password changer works with more than 50 sites right now and will be supported on mobile in addition to desktop versions soon.

Dashlane’s CEO, Emmanuel Schalit told the Next Web, “We have created an identity layer which turns the password into a purely technical device that exists in the background but which humans don’t interact with it.”

But if you just don’t want to work with password managers at all, there’s another security strategy in the works that’s totally password-free. The FIDO (Fast IDentity Online) Alliance is a trade nonprofit that includes members like Google, Samsung, Alibaba, and PayPal, and is essentially working to implement password-free two-factor authentication.

The idea is to use something physical, like a special flashdrive or biometrics, as part of two-factor authentication. On Tuesday the Alliance announced FIDO 1.0, a standard for implementing this type of authentication in a uniform way. We’re a long way from universal implementation, but now that there’s a free standard it seems more likely that a world without passwords could evolve.

If the year’s hacks have taught us anything, it’s that we need to be protecting our cyber-selves now. But if you’re still struggling to find the motivation, better options that are more secure (and will enable maximum laziness) seem to be on their way.

Future Tense is a partnership of SlateNew America, and Arizona State University.