While there is speculation about a future without passwords, it’s not time to count them out. This summer, Wired published a piece on “Why the Password Isn’t Dead Quite Yet.” A more recent article states that “a completely passwordless future is still a ways off.”
Like many things in life, passwords are welcome in some situations, less so in others.
Many specialists in cybersecurity recommend multifactor authentication, or two means of identifying oneself to get access to a secure computer system. Simpson said the community will likely see passwords supplemented by another means to establish identity, such as a code received by smartphone.
Three Ways to Authenticate
Stacey Anfuso, CEO and founder of
Authentication can come from several sources: something you have, something you know and something you are, Anfuso said. Many systems require a combination of those.
Something you are can be biometric data, such as a fingerprint.
Something you have can be a token, such as a texted code received on a smartphone.
Something you know can be a password.
The first two of those, biometrics and tokens, require no thought or memorization, Anfuso said. They are easier to use.
Anfuso does work with the Defense Department and more recently has taken on work for private defense contractors. In recent years, the Pentagon has tightened internet security rules for its contractors.
Keyboards and Readers
Scott Sakai said hardware considerations are one reason the password is likely to endure. Everyone has a keyboard. Not everyone has a fingerprint reader.
One trend in password authentication is called federated identities. The term refers to people logging into websites using other accounts, such as Google or Facebook. Scientists using the supercomputer center get access through a federated identity system associated with the university.
An Education Push
The government is funding cybersecurity education at multiple levels, said National University’s Simpson. Students in grades K-12 will learn with new security education curriculum as soon as 2022, he said.
The National Security Administration and the U.S. Department of Homeland Security have designated National University as a Center of Academic Excellence in Cyber Defense Education. It was the first institution in San Diego to be designated as such in 2012. Its master’s degree program was recently re-designated through 2028.
Simpson also said there is some research showing passwords do not need to be as complex as they have needed to be in the past. The security community is also debating how often computer users should change their passwords.
A password, of course, should not be so simple or commonplace that a hacker can guess it. The ideal password is something complex.
Sakai said that people use weak passwords because they are only human, and have trouble remembering complex, 15-character passwords full of special characters. People use coping mechanisms to make the use of passwords easier. For example, they might use the same passwords on multiple computer systems. The down side to that is if a hacker is able to get one password, he can successfully use them in multiple places.
INTERIM PRESIDENT: Randy C. Frisch
HEADQUARTERS: Torrey Pines Mesa
BUSINESS: Higher education for adult learners
EMPLOYEES: About 700 in San Diego
NOTABLE: National University is celebrating its 50th anniversary this year
CONTACT: (855) 355-6288
La Jolla Logic
CEO: Stacey Anfuso
HEADQUARTERS: Downtown San Diego
BUSINESS: Defense contractor specializing in IT
EMPLOYEES: More than 60
NOTABLE: The company has partnered with the USS Midway Museum for a series of virtual presentations connecting the museum with its members
CONTACT: (619) 535-1121 or email@example.com